Yesterday was a very difficult day for Yola and our customers. Yola’s servers were attacked unexpectedly and maliciously by as yet unknown individuals and/or groups, bringing down all of our hosted websites as well as our service provider’s entire datacenter.
The thing Yola cares about most is providing a world class service to all our customers, and doing so consistently and reliably. When our servers are attacked, your website is attacked. We don’t take this lightly. We worked around the clock to bring the service back up, and talked to you in our customer community forum, Twitter, Facebook and email during the outage to answer your questions and keep you up-to-date.
We’re posting this information on our blog now to tell you what happened, what we’re going to do about it in the future, and, most importantly, to apologize. Regardless of the reasons, your website was down. Please know that however frustrated we were with the situation, we understand you were more so. We’re very sorry.
Here’s what happened and what we plan to do about it:
What was attacked?
The IP address of our hosting service came under a vicious Denial of Service (“DoS”) attack, affecting all of our hosted sites. The attack consisted of an enormous amount of nonsense data aimed at our servers. With all of this junk flowing through it, it was impossible for legitimate traffic to get to your sites.
What happened to my website? Is it secure now?
Your website is safe. It was secure during the attack, but impossible to get to (kind of like a roadblock). We’ve created another route to your site, and have been updating all the domains we control to use this route.
What do I need to do?
If you bought your domain from Yola or you use our yolasite.com subdomain, your site is already fully functional and you don’t need to do a thing. We’ve already done everything to move your site to the new address, and everything should be up and running normally.
If you bought your domain elsewhere (i.e. through a different domain registrar) and are pointing it to our service, please see these instructions for reconfiguring your DNS: Pointing your domain to Yola.
Why did this happen to Yola?
This unfortunately happens to many companies on the web. There are just people who like to do malicious things. We’re not the first site to experience this, and we won’t be the last. We’ll continue to do everything possible to protect our service and our customers from these kinds of attacks in the future.
What did Yola have in place to protect its customers from this attack?
We’ve always had state-of-the art defenses in place; we split our networks up so that an attack on one part would not affect the other, and we bought special hardware to put in front of our sites. Normally these defenses were more than we needed. Not this time. We couldn’t have seen an attack like this coming, and what we had in place just wasn’t enough. We’re fixing this.
What will Yola do to prevent another attack of this nature in future?
We’ve brought in a global web security firm whose expertise is the prevention and mitigation of incidents like this. We’re now creating the kind of protection usually reserved only for banks and government institutions to ensure this does not happen again, and will surpass that of most website hosting services.
Thank you for your patience and support during this trying time. The questions and comments we received (even the critical ones!) confirmed what we already knew: Yola has the best customers around.
On behalf of the entire Yola team,