Northflank - *.code.run dangerous security warning – Incident details

All systems operational

*.code.run dangerous security warning

Resolved
Operational
Started over 1 year agoLasted about 1 hour

Affected

Northflank Platform

Operational from 11:49 AM to 1:11 PM

Networking

Operational from 11:49 AM to 1:11 PM

Updates
  • Resolved
    Resolved

    It appears the warning has been lifted for *.code.run domains and are now working as expected. We continue to monitor the situation closely. We apologise for any inconvenience.

  • Identified
    Identified

    Google’s Safe Browsing has marked *.code.run as a dangerous domain. This impacts all public HTTPS endpoints that do not use a custom domain. We recommend appealing for your specific service domains at https://safebrowsing.google.com/safebrowsing/report_error/.

    We have sent the relevant documentation via Google Search Console and await a response from Google. We will explore options including:

    • temporarily using another domain for new workloads
    • exploring wildcard and vanity replacement of *.code.run on a per-user basis
    • adding *.code.run to an allow-list

    Cause:
    A user was caught deploying a phishing website and was banned within 10 minutes of notification. *.code.run is a member of the PSL, and, unfortunately, it is not considered when blocking thousands of domains for one offending workload.