It’s time to clear up the situation we were going through last Tuesday.
What has happened exactly?
Pushwoosh has come under the strong pressure of external DDoS attack, and we have taken measures to minimize the risk for all our users. It resulted in severe connectivity issues and servers being unavailable, as many of you could notice.
Even though there was no threat to lose user data, since it was the frontend that has been affected, we wanted to nullify the hazard and took it all down. Yes, it caused sporadic issues with servers’ availability, CP and API access. But the security of our users is above all other things for us, that’s why we did all we could to stay as safe as possible. You just can’t be too careful in such cases. And this attitude has paid off.
Why did it last for so long?
All efforts were accumulated to increase the resistance to any possible external attack. It took us some reasonable time to double-check every instance. When we absolutely sure that there was nothing to worry about – we restore connections to our servers one by one.
Please note that except for the short period when security alert has triggered alarm for the system overall, no Enterprise client was affected.
What’s the current status?
After emergency maintenance was finished, all our Public Cloud servers were working at full capacity. No failed or slow CP login attempts, API issues or other server instability is being detected at the moment.
Are there any changes or improvements?
Yes. We’ve added an additional domain for our Control Panel to increase the service stability and meet the challenges of the growth. The new address is go.pushwoosh.com, and we highly recommend you to use it to connect to your Control Panel instead of cp.pushwoosh.com. There will be other additional fronts added over time, and it’s only for your convenience and security, nothing more. All features, layouts and credentials remain unchanged. cp.pushwoosh.com is still working in normal mode so you have enough time to readjust. We will gradually deprecate the old address in one year.
We really want to thank all of you for your feedback, commitment and patience. We keep going for you and with your help. Anyone can be attacked, but not everyone has such a responsive and empathic audience!.
We sincerely hope that this incident report has clarified the situation