Comment by misswaterfairy
4 hours ago
> During our attempts to remediate, we have disabled WARP [their VPN service] access in London. Users in London trying to access the Internet via WARP will see a failure to connect. Posted 4 minutes ago. Nov 18, 2025 - 13:04 UTC
Is Cloudflare being attacked...?
This line also gave me that vibe
> We have made changes that have allowed Cloudflare Access [their 'zero-trust network access solution'] and WARP to recover. Error levels for Access and WARP users have returned to pre-incident rates. > We have re-enabled WARP access in London.
> We are continuing to work towards restoring other services. > Posted 12 minutes ago. Nov 18, 2025 - 13:13 UTC
Now I'm really suspicious that they were attacked...
I will bet it's routing misconfig.
It always is.
[flagged]
Someone running cloudflared accidentally advertising a critical route into their Warp namespace and somehow disrupting routes for internal Cloudflare services doesn't seem too far fetched.
We vibe coded a tool to mass disconnect Cloudflare Warp for incident responders: https://github.com/aberoham/unwarp
To go along with the shenanigans around dealing with MITM traffic inspection https://github.com/aberoham/fuwarp