Arch Linux Confirms Ongoing Denial‑of‑Service Attack

Arch Linux confirms a denial-of-service attack disrupting the AUR, forums, and main site, with developers working alongside providers to restore stability.

Arch Linux Confirms Ongoing Denial‑of‑Service Attack

As we informed you last Friday, Arch users experienced difficulties accessing some services. Yesterday, the distribution shared an official statement about it.

In it, the Arch Linux Project has confirmed that recent outages affecting its infrastructure are the result of an ongoing DoS attack. The disruptions have primarily hit the project’s main website, the Arch User Repository (AUR), and its community forums.

Arch is currently experiencing some service outages.
Arch is currently experiencing some service outages.

Developers said they are working closely with their hosting provider to mitigate the attack while also weighing longer-term options, including dedicated DDoS protection services.

The Arch Linux Project is currently experiencing an ongoing denial of service attack that primarily impacts our main webpage, the Arch User Repository (AUR), and the Forums. We are aware of the problems that this creates for our end users and will continue to actively work with our hosting provider to mitigate the attack.

To help keep users in the loop, Arch has committed to posting regular updates on its service status page. In the meantime, workarounds are available. If the main archlinux.org site is unavailable, tools like reflector—which normally pull updated mirrors from the official endpoint—won’t work. In that case, users should fall back on the mirrors already listed in the pacman-mirrorlist package.

Users are also reminded always to verify the integrity of these downloads with trusted signatures.

For AUR disruptions, the team maintains a GitHub mirror where packages can be retrieved directly via Git. This option provides some continuity for users who rely on AUR packages during the ongoing attack.

Arch also noted that some services may appear unresponsive on the first attempt because of TCP SYN authentication checks from the hosting provider. In most cases, retrying the request allows connections to succeed.

Lastly, the developers explicitly declined to share technical details about the attack or its origin, citing security concerns. Once the issue is fully resolved, those details will probably be shared with the public.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

One comment

  1. Rick

    they need to use a dedicated DDoS protection service like cloudflare so we can be done with this issue

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts