Skip to content

Incident detail

Temporarily disabling new user registrations

Temporarily disabling new user registrations

Resolved incidentMinor0 affected services

Timeline window

to

Timeline

Incident updates

Updates are normalized from the official source chronology so timeline changes remain easy to scan.

  1. Identified

    Due to an ongoing DDoS attack against rubygems.org, we have temporarily disabled registrations. We'll share an update once we've made changes to protect legitimate users and prevent further abuse.

  2. Identified

    The malicious spam activity against rubygems.org has stopped. The bot accounts responsible have been blocked and removed, and the 500+ malicious packages pushed during the attack have been yanked from the registry. Registrations will remain closed while we coordinate with Fastly to enable WAF protection and tighten rate limiting on account creation. We expect this to take two to three days. We'll post another update when we're closer being ready to re-enable user registrations. Gem installs and pushes for existing users are unaffected.

  3. Resolved

    This incident has been resolved and we've re-enabled account registrations