Statement Release

Statement Release

SMS Verify Club Admin


TL;DR

For the past one month or so, we were affected by frequent denial of service attacks coupled with an expired certificate on our server (The actual website was not affected since its hosted with Google). We have since fixed the issues. Read on below for detailed explanations. We apologise for any inconvenience caused during the period.


Error during logon

The expired certificate on the server side caused an error during logon, hence users experienced a red error popup message. The reason for this is that both the website and server must have a valid SSL certificate in order to exchange data. In our case only the website had a valid certificate.


DDOS Attacks

We were frequently under attack from unknown sources who flooded the API with lots of requests.


Solutions

We are now protecting the API server behind the Cloudflare network in order to prevent it against malicious flooding.

We have also permanently switched our API SSL certificate issuer to Cloudflare from LetsEncrypt, since Cloudflare offers a longer period before it expires.