We recently addressed issues affecting the Box marketing site (www.box.com). We would like to take the opportunity to further explain these issues and the steps we have taken to keep them from happening in the future.
Between 12:54pm PDT and 1:14pm PDT on July 20th, 2023, some visitors to Box’s marketing sites were temporarily prevented from accessing those sites. The issue occurred when Box’s marketing site vendor mitigated a DDoS attack and the mitigation inadvertently also impacted legitimate user traffic. The issue was resolved once the vendor was able to push an engineering fix to identify legitimate user traffic. In addition, we are working on improving our false-positive detection as well as improving the DDoS mitigation overrides to unblock legitimate traffic to prevent similar issues from occurring in the future.
Analysis
The cause of the issue was the DDoS attack aimed at Box’s marketing site, which kicked off an automated mitigation by Box’s marketing site vendor. This mitigation consisted of two responses:
Because Box proxies the marketing site traffic through our external load balancers, there is little variance in the source as seen by the vendor, which contributed to the internal threshold signals set by the vendor. This second response was responsible for blocking legitimate user traffic, and was fixed by the vendor’s engineering team. The fix rollout also coincided with a drop in the attack traffic.
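The effect described above, where proxied traffic shows little source variance and trips a per-source threshold, is illustrated by the following added example, which is not Box's or the vendor's code. It assumes a simple per-source request threshold and that the load balancers append the client address to an X-Forwarded-For header; the page does not say how the vendor's fix identifies legitimate traffic, and all addresses and limits are constructed.

```python
from collections import Counter

THRESHOLD = 100  # assumed per-source request limit per window
# Constructed addresses standing in for the load balancers' egress IPs.
TRUSTED_PROXIES = {"203.0.113.10", "203.0.113.11"}
FLOODER = "192.0.2.66"  # constructed high-volume client


def source_key(peer_ip, forwarded_for, trust_proxies):
    """Return the address a request is counted against."""
    if trust_proxies and peer_ip in TRUSTED_PROXIES and forwarded_for:
        # Only the rightmost entry was appended by the trusted proxy;
        # anything to its left is client-supplied and ignored.
        return forwarded_for.split(",")[-1].strip()
    return peer_ip


def blocked_sources(requests, trust_proxies):
    """Sources whose request count in the window exceeds THRESHOLD."""
    counts = Counter(source_key(p, f, trust_proxies) for p, f in requests)
    return {src for src, n in counts.items() if n > THRESHOLD}


def build_window():
    """Constructed sample window: (peer_ip, X-Forwarded-For) pairs."""
    proxies = sorted(TRUSTED_PROXIES)
    requests = []
    # 200 ordinary visitors, 3 requests each, spread over both proxies.
    for i in range(200):
        for j in range(3):
            requests.append((proxies[(i + j) % 2], f"198.51.100.{i + 1}"))
    # One client sending 5000 requests with a forged leading entry.
    for j in range(5000):
        requests.append((proxies[j % 2], f"198.51.100.7, {FLOODER}"))
    return requests


def visitors_blocked(requests, trust_proxies):
    """Count ordinary visitors whose counting key is blocked."""
    blocked = blocked_sources(requests, trust_proxies)
    visitors = {(p, f) for p, f in requests if FLOODER not in f}
    return len({f for p, f in visitors if source_key(p, f, trust_proxies) in blocked})


if __name__ == "__main__":
    window = build_window()
    for trust in (False, True):
        print("trust forwarded address:", trust, sorted(blocked_sources(window, trust)),
              visitors_blocked(window, trust), "visitors blocked")
```

Keyed on the peer address, both proxy addresses exceed the threshold and every visitor behind them is blocked; keyed on the proxy-appended address, only the high-volume client is.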
Corrective Actions
The following corrective actions have been completed or are planned:
We are continuously working to improve Box and want to make sure we are delivering the best product and user experience we can. We hope we have provided some clarity here and we would be happy to answer any questions you may still have regarding this matter.
Sincerely,
The Box Team