[AusNOG] AWS CloudFront Issues
Lincoln Dale
ltd at interlink.com.au
Mon Feb 10 08:45:45 AEDT 2025
On Mon, Feb 10, 2025 at 7:43 AM Robert Hudson <hudrob at gmail.com> wrote:
> Doesn't make it easier though when certain providers spread the problem
> around by re-using compromised IPs.
>
The fault here lies with VirusTotal (likely actually Google, its parent)
who are doing outmoded/outdated attaching "trust" to an IP address.
Specifically, since RFC 2817 (almost 25 ago) one has not needed to use a
"dedicated IP per SSL certificate". And assigning reputation on an IP of
what is clearly a CDN is going to have its issues.
There is no such thing here as a "compromised IP". The reputation for the
IP is "This IP address has been detected as a proxy connection, which could
be hurting your IP reputation", which is pretty much the definition of a
CDN. The reality is CDNs as a general rule don't dedicate IPs to domains or
customers, because there's way more domains than there are IP addresses
allocated to serve them.
I found the ticket internally, looks resolved, reach out if any issues.
On Sun, Feb 9, 2025 at 9:20 PM Mitch Kelly <mitchkelly24 at gmail.com> wrote:
> Sadly also having issues with CloudFront. Issues started to show their
>>> head Tuesday last week and have been getting worse. With many sites not
>>> working at all.
>>>
>> Not aware of any widespread issue.
Same offer as to Robert, if you are looking for assistance, send it though
to me.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ausnog.net/pipermail/ausnog/attachments/20250210/fb56bbfe/attachment.htm>
More information about the AusNOG
mailing list