Welcome to Haposoft Blog

The React team has disclosed additional security vulnerabilities affecting React Server Components, discovered while researchers were testing the effectiveness of last week’s critical patch (React2Shell). While these newly identified issues do not enable Remote Code Execution, they introduce serious risks, including Denial of Service (DoS) attacks and potential source code exposure. Due to their severity, immediate upgrades are strongly recommended. Overview of the Newly Disclosed Vulnerabilities Security researchers identified two new vulnerability classes in the same React Server Components packages affected by CVE-2025-55182. High Severity: Denial of Service (DoS) CVE-2025-55184 CVE-2025-67779 CVSS Score: 7.5 (High) A maliciously crafted HTTP request sent to a Server Function endpoint can trigger an infinite loop during deserialization, causing the server process to hang and consume CPU indefinitely. Notably, even applications that do not explicitly define Server Functions may still be vulnerable if they support React Server Components. This vulnerability enables attackers to: Disrupt service availability Degrade server performance Potentially cause cascading infrastructure impact The React team has confirmed that earlier fixes were incomplete, leaving several patched versions still vulnerable until this latest release. Medium Severity: Source Code Exposure CVE-2025-55183 CVSS Score: 5.3 (Medium) Researchers discovered that certain malformed requests could cause Server Functions to return their own source code when arguments are explicitly or implicitly stringified. This may expose: Hardcoded secrets inside Server Functions Internal logic and implementation details Inlined helper functions, depending on bundler behavior Important clarification: Only source-level secrets may be exposed. Runtime secrets such as process.env.SECRET are not affected. What Is Affected and Who Needs to Take Action The newly disclosed vulnerabilities impact the same React Server Components packages as the previously reported issue, and affect a range of commonly used frameworks and bundlers. Teams should review their dependency tree carefully to determine whether an upgrade is required. Affected Packages and Versions These vulnerabilities affect the same packages and version ranges as the previously disclosed React Server Components issue. Affected packages react-server-dom-webpack react-server-dom-parcel react-server-dom-turbopack Vulnerable versions 19.0.0 → 19.0.2 19.1.0 → 19.1.3 19.2.0 → 19.2.2 Fixed Versions (Required Upgrade) The React team has backported fixes to the following versions: 19.0.3 19.1.4 19.2.3 If your project uses any of the affected packages, upgrade immediately to one of the versions above. ⚠️ If you already updated last week, you still need to update again. Versions 19.0.2, 19.1.3, and 19.2.2 are not fully secure. Impacted Frameworks and Bundlers Several popular frameworks and tools depend on or bundle the vulnerable packages, including: Next.js React Router Waku @parcel/rsc @vite/rsc-plugin rwsdk Refer to your framework’s upgrade instructions to ensure the correct patched versions are installed. Who Is Not Affected Apps that do not use a server Apps not using React Server Components Apps not relying on frameworks or bundlers that support RSC React Native Considerations React Native applications that do not use monorepos or react-dom are generally not affected by these vulnerabilities. For React Native projects using a monorepo, only the following packages need to be updated if they are installed: react-server-dom-webpack react-server-dom-parcel react-server-dom-turbopack Upgrading these packages does not require updating react or react-dom and will not cause version mismatch issues in React Native. Recommended Solutions and Mitigation Strategy While upgrading to the fixed versions is mandatory, these vulnerabilities also expose broader weaknesses in dependency management and secret handling that teams should address to reduce future risk. Immediate Fix All affected applications should upgrade immediately to one of the patched versions: 19.0.3 19.1.4 19.2.3 Previously released patches were incomplete, and hosting provider mitigations should be considered temporary safeguards only, not a long-term solution. Updating to the fixed versions remains the only reliable mitigation. Automate Dependency Updates to Reduce Exposure Time Modern JavaScript ecosystems make it difficult to manually track security advisories across all dependencies. Using tools such as Renovate or Dependabot helps automatically detect vulnerable versions and create upgrade pull requests as soon as fixes are released. This reduces response time and lowers the risk of running partially patched or outdated packages in production. Ensure CI/CD Pipelines Can Absorb Security Upgrades Safely Frequent dependency upgrades are only safe when supported by reliable automated testing. Maintaining comprehensive CI/CD pipelines with sufficient test coverage allows teams to apply security updates quickly while minimizing the risk of breaking changes. This enables faster remediation when new vulnerabilities are disclosed. Remove Secrets from Source Code to Limit Blast Radius Secrets embedded directly in source code may be exposed if similar vulnerabilities arise again. Store secrets using managed services such as AWS SSM Parameter Store or AWS Secrets Manager Implement key rotation mechanisms without downtime Even if source code is exposed, properly managed runtime secrets significantly limit real-world impact. Why Follow-Up CVEs Are Common After Critical Disclosures It is common for critical vulnerabilities to uncover additional issues once researchers begin probing adjacent code paths. When an initial fix is released, security researchers often attempt to bypass it using variant exploit techniques. This pattern has appeared repeatedly across the industry. A well-known example is Log4Shell, where multiple follow-up CVEs were reported after the first disclosure. While additional disclosures can be frustrating, they usually indicate: Active security review Responsible disclosure A healthy patch and verification cycle Final Notes Some hosting companies set up quick fixes, yet those aren't enough on their own. Keeping dependencies updated is still a top way to stay safe from new supply-chain risks. If your application uses React Server Components, reach out to Haposoft now! We'll figure out what’s impacted while taking care of the update without mess. It means going through your dependencies one by one, making sure everything builds right in the end.

On December 3, 2025, the React team revealed a critical Remote Code Execution vulnerability in React Server Components (RSC). It affects several RSC packages and some of the most widely used React frameworks, including Next.js. A fix is already out, so the urgent step now is simply checking whether your project uses these packages—and updating to the patched versions if it does. Overview of the Vulnerability A newly reported flaw allows unauthenticated Remote Code Execution (RCE) on servers running React Server Components. Type: Unauthenticated Remote Code Execution CVE: CVE-2025-55182 (NIST , GitHub Advisory Database) Severity: CVSS 10.0 (Maximum severity) This means an attacker could execute arbitrary code on the server without any form of authentication, giving them full control of the affected environment. The issue is caused by a flaw in how React decodes payloads sent to React Server Function endpoints. A maliciously crafted HTTP request can trigger unsafe deserialization, leading to remote code execution. React will publish additional technical details once the patch rollout is fully completed. Scope of Impact Any application that supports React Server Components may be exposed, even if it never defines any Server Function endpoints. The vulnerability exists in the underlying RSC support layer used by multiple frameworks and bundlers. Your application is not vulnerable if: Your React code does not run on a server, or Your application does not use a framework, bundler, or plugin that supports React Server Components. Traditional client-only React applications are unaffected. Affected Versions and Components The vulnerability is tied to specific versions of the React Server Components packages and to the frameworks that depend on them. Identifying whether your project uses any of these versions is the first step in determining your exposure. Vulnerable Packages The issue affects the following packages in versions 19.0, 19.1.0, 19.1.1, and 19.2.0: react-server-dom-webpack react-server-dom-parcel react-server-dom-turbopack Affected Frameworks and Bundlers Several frameworks that rely on these packages are also impacted, including: Next.js React Router (when using unstable RSC APIs) Waku @parcel/rsc @vitejs/plugin-rsc Redwood SDK Security Fix and Recommended Actions The React team has released patched versions, and major frameworks have issued corresponding updates. Applying these fixes promptly is the only reliable way to remove the vulnerability from affected projects. Patched Versions The React team has released fixed versions: 19.0.1 19.1.2 19.2.1 (or any version newer than these) Upgrading to a patched release is mandatory to eliminate the vulnerability. Framework Updates Framework maintainers have also published security updates. For example, Next.js users must upgrade to one of the following patched versions: next@15.0.5 next@15.1.9 next@15.2.6 next@15.3.6 next@15.4.8 next@15.5.7 next@16.0.7 Other ecosystems (React Router, Redwood, Vite plugin, Parcel, Waku, etc.) also require upgrading to their latest patched versions. What Development Teams Should Do Now We recommend the following immediate steps: Audit all projects to confirm whether React Server Components or related frameworks are in use. Check package versions for the affected libraries listed above. Upgrade to the patched versions immediately if your application falls within the impacted scope. Review deployment environments for any unusual activity (optional but advisable for security). Document and report the findings to your internal security or project stakeholders. Conclusion This vulnerability (CVE-2025-55182) is one of the most severe vulnerabilities ever disclosed within the React ecosystem, and it may impact a wide range of modern React-based applications. To maintain security and prevent potential exploitation, all teams should: Review their applications, Identify affected components, and Apply the necessary upgrades without delay. If you need a security audit or patch support within your React-based web development projects, Haposoft is ready to step in.

Workloads spike, drop, and shift without warning, and fixed servers rarely keep up. AWS Lambda serverless architecture approaches this with a simple idea: run code only on events, scale instantly, and remove the burden of always-on infrastructure. It’s a model that reshapes how event-driven systems are designed and operated. Architecture of a Serverless System with AWS Lambda Event-driven systems depend on a few core pieces, and aws lambda serverless architecture keeps them tight and minimal. Everything starts with an event source, flows through a small, focused function, and ends in a downstream service that stores or distributes the result. Event Sources AWS Lambda is activated strictly by events. Typical sources include: S3 when an object is created or updated API Gateway for synchronous HTTP calls DynamoDB Streams for row-level changes SNS / SQS for asynchronous message handling Kinesis / EventBridge for high-volume or scheduled events CloudWatch Events for cron-based triggers Each trigger delivers structured context (request parameters, object keys, stream records, message payloads), allowing the function to determine the required operation without maintaining state between invocations. Lambda Function Layer Lambda functions are designed to remain small and focused. A function typically performs a single operation such as transformation, validation, computation, or routing. The architecture assumes: Stateless execution: no in-memory persistence between invocations. Externalized state: stored in services like S3, DynamoDB, Secrets Manager, or Parameter Store. Short execution cycles: predictable runtime and reduced cold-start sensitivity. Isolated environments: each invocation receives a dedicated runtime sandbox. This separation simplifies horizontal scaling and keeps failure domains small. Versioning and Aliases Lambda versioning provides immutable snapshots of function code and configuration. Once published, a version cannot be modified. Aliases act as pointers to specific versions (e.g., prod, staging, canary), enabling controlled traffic shifting. Typical scenarios include: Blue/Green Deployment: switch alias from version N → N+1 in one step. Canary Deployment: shift partial traffic to a new version. Rollback: repoint alias back to the previous version without redeploying code. This mechanism isolates code promotion from code packaging, making rollouts deterministic and reversible. Concurrency and Scaling Lambda scales by launching separate execution environments as event volume increases. AWS handles provisioning, lifecycle, and teardown automatically. Invocation-level guarantees ensure that scaling behavior aligns with event volume without manual intervention. Key controls include: Reserved Concurrency — caps the maximum number of parallel executions for a function to protect downstream systems (e.g., DynamoDB, RDS, third-party APIs). Provisioned Concurrency — keeps execution environments warm to minimize cold-start latency for latency-sensitive or high-traffic endpoints. Burst limits — define initial scaling throughput across regions. Reference Pipeline (S3 → Lambda → DynamoDB/SNS → Glacier) A common pattern in aws lambda serverless architecture is event-based data processing. This pipeline supports workloads such as media ingestion (VOD), IoT telemetry, log aggregation, ETL preprocessing, and other burst-driven data flows. Example flow: Integration Patterns in AWS Lambda Serverless Architecture Lambda typically works alongside other AWS services to support event-driven workloads. Most integrations fall into a few recurring patterns below. Lambda + S3 When new data lands in S3, Lambda doesn’t receive the file — it receives a compact event record that identifies what changed. Most of the logic starts by pulling the object or reading its metadata directly from the bucket. This integration is built around the idea that the arrival of data defines the start of the workflow. Typical operations Read the uploaded object Run validation or content checks Produce transformed or derivative outputs Store metadata or results in DynamoDB or another S3 prefix Lambda + DynamoDB Streams This integration behaves closer to a commit log than a file trigger. DynamoDB Streams guarantee ordered delivery per partition, and Lambda processes batches rather than single items. Failures reprocess the entire batch, so the function must be idempotent. Use cases tend to fall into a few categories: updating read models, syncing data to external services, publishing domain events, or capturing audit trails. The “before” and “after” images included in each record make it possible to detect exactly what changed without additional queries. Lambda + API Gateway Unlike S3 or Streams, the API Gateway path is synchronous. Lambda must complete within HTTP latency budgets and return a well-formed response. The function receives a full request context—headers, method, path parameters, JWT claims—and acts as the application logic behind the endpoint. A minimal handler usually: Validates the inbound request Executes domain logic Writes or reads from storage Returns JSON with proper status codes No queues, no retries, no batching—just request/response. This removes the need for EC2, load balancers, or container orchestration for API-level traffic. Lambda + Step Functions Here Lambda isn’t reacting to an event, it’s being invoked as part of a workflow. Step Functions control timing, retries, branching, and long-running coordination. Lambda performs whatever unit of work is assigned to that state, then hands the result back to the state machine. Workloads that fit this pattern: multi-stage data pipelines approval or review flows tasks that need controlled retries processes where orchestration is more important than compute Lambda + Messaging (SNS, SQS, EventBridge, Kinesis) Each messaging service integrates with Lambda differently: SNS delivers discrete messages for fan-out scenarios. One message → one invocation. SQS provides queue semantics; Lambda polls, receives batches, and must delete messages explicitly on success. EventBridge routes structured events based on rules and supports cross-account buses. Kinesis enforces shard-level ordering, and Lambda processes batches sequentially per shard. Depending on the source, the function may need to handle batching, ordering guarantees, partial retries, or DLQ routing. This category is the most varied because the semantics are completely different from one messaging service to another. Recommended Setup for AWS Lambda Serverless Architecture A practical baseline configuration that reflects typical usage patterns and cost behavior for a Lambda-based event-driven system. Technical Recommendations A stable Lambda-based architecture usually follows a small set of practical rules that keep execution predictable and operations lightweight: Function Structure Keep each Lambda focused on one task (SRP). Store configuration in environment variables for each environment (dev/staging/prod). Execution Controls Apply strict timeouts to prevent runaway compute and unnecessary billing. Enable retries for async triggers and route failed events to a DLQ (SQS or SNS). Security Assign least-privilege IAM roles so each function can access only what it actually needs. Observability Send logs to CloudWatch Logs. Use CloudWatch Metrics and X-Ray for tracing, latency analysis, and dependency visibility. Cost Profile and Expected Savings Below is a reference cost breakdown for a typical Lambda workload using the configuration above: Component Unit Price Usage Monthly Cost Lambda Invocations $0.20 / 1M 3M ~$0.60 Lambda Compute (512 MB, 200 ms) ~$0.0000008333 / ms ~600M ms ~$500 S3 Storage (with lifecycle) ~$0.023 / GB ~5 TB ~$115 Total – – ≈ $615/month With this model, teams typically see 40–60% lower cost compared to fixed server-based infrastructures, along with near-zero operational overhead because no servers need to be maintained or scaled manually. Cost Optimization Tips Lambda charges based on invocations + compute time, so smaller and shorter functions are naturally cheaper. Event-driven triggers ensure you pay only when real work happens. Apply multi-tier S3 storage: Standard → Standard-IA → Glacier depending on access frequency. Conclusion A serverless architecture aws lambda works best when the system is designed around clear execution paths and predictable event handling. With the right structure in place, the platform stays stable and cost-efficient even when workloads spike unexpectedly. Haposoft is an AWS consulting partner with hands-on experience delivering serverless systems using Lambda, API Gateway, S3, DynamoDB and Step Functions. We help teams review existing architectures, design new AWS workloads and optimize cloud cost without disrupting operations. If you need a practical, production-ready serverless architecture, Haposoft can support you from design to implementation.

When you submit an app to Google Play, most early failures surface in Closed Testing, not the final review. What we share here comes from real testing practice, and it’s what made handling those failures predictable for us. What Google Play Closed Testing Is Closed Testing is where Google first checks your app using real user activity, so it matters to understand what this stage actually requires. Where Closed Testing Fits in the Submission Process When you submit an app to Google Play, it doesn’t go straight to the final review. Before reaching that stage, every build must pass through Google’s internal testing tracks—Internal Testing → Closed Testing → Open Testing. Closed Testing sits in the middle of this flow and is the first point where Google expects real usage from real users. If the app fails here, it never reaches the actual “Submit for Review” step. That’s why many teams face repeated rejections without realizing the root cause comes from this stage, not the final review. Google Play Closed Testing in Simple Terms Google Play Closed Testing is a private release track where your app is shared with a small group of testers you select. These testers install the real build you intend to ship and use it in everyday conditions. The goal is straightforward: Google wants to see whether the app behaves like a complete product when real people interact with it. In this controlled environment, Google observes how users move through your features, how data is handled, and whether the experience matches what you describe in your Play Console settings. This is essentially Google’s early check to confirm that the app is stable, transparent, and built for genuine use—not just something assembled to pass review. What Google Expects During Closed Testing The core function of Google Play Closed Testing is to verify authenticity. Google wants evidence that your app is functional, transparent, and ready for real users, not a rushed build created solely to pass review. To make this evaluation, Google looks for a few key signals: Real testers using real, active Google accounts Real usage patterns, not one-off opens or artificial interactions Consistent engagement over time, typically around 14 days for most app types Actions inside your core features, not empty screens or placeholder flows Behavior that aligns with your Data Safety, privacy details, and feature declarations Evidence that the app is “alive”, such as logs, events, and navigation patterns generated from authentic interactions Google began tightening its review standards in 2023 after more unfinished and auto-generated apps started slipping into the submission flow. Instead of relying only on manual checks, Google now leans heavily on the activity recorded during Closed Testing to understand how an app performs under real use. This gives the review team a clearer picture of stability, data handling, and readiness—making Closed Testing a much more decisive step in whether an app moves forward. Why Google Play Closed Testing Is So Hard to Pass Most teams fail Closed Testing because their testing behavior doesn’t match the actual evaluation signals Google uses. The table below compares real developer mistakes with Google’s real criteria, so you can see exactly why each issue leads to rejection. Common Issues During Testing What Google Actually Checks Teams treat Closed Testing like internal QA. Testers only tap around the interface and rarely complete real user journeys. Google checks full, natural flows. It expects onboarding → core action → follow-up action. Shallow tapping does not confirm real functionality, so Google marks the test as lacking behavioral proof. Testers open the app once or twice and stop. Most activity happens on day 1, then engagement drops to zero. Google checks multi-day usage patterns. It needs recurring activity to evaluate stability and real adoption. One-off launches look like artificial or incomplete testing → fail. Core features remain untouched because testers don’t find or understand them. Navigation confusion prevents users from triggering important flows. Google checks whether declared core features are actually used. If users don’t naturally reach those flows, Google cannot validate them → flagged as “unverified behavior.” Permissions are declared but no tester enters flows that use them. e.g., camera, location, contacts, or other data-related actions never get triggered. Google cross-checks declared permissions with real behavior. If a permission never activates during testing, Google treats the Data Safety form as unverifiable → extremely high rejection rate. Engagement collapses after the first day. Testers lose interest quickly, resulting in long periods of zero activity. Google checks consistency over time (≈14 days). When usage dies early, the system sees weak, unreliable activity that does not resemble real-world usage → rejection. Passing Google Play Closed Testing: A Real Case Study Closed Testing turned out to be far stricter than we expected. What looked like a simple pre-release step quickly became the most decisive part of the review, and our team had to learn this the hard way—through three consecutive rejections before finally getting approved. The Three Issues That Held Us Back in Closed Testing These were the three recurring problems that blocked our app from moving past Google Play’s Closed Testing stage. #Issue 1: Having Testers, but Not Enough “Real” Activity In the first attempt, we only invited one person to join the test, so the app barely generated any meaningful activity. Most of the usage stopped at simple screen opens, and none of the core features were exercised in a way Google could evaluate. With such a small and shallow pattern, the system couldn't treat it as real user participation. The build was rejected right away for not meeting the minimum level of authentic activity. #Issue 2: Misunderstanding the “14-Day Activity” Requirement For the second round, we expanded the group to twelve testers, but most of them stopped using the app after just a few days. The remaining period showed almost no engagement, which meant the full 14-day window Google expects was never actually covered. Although the number of testers looked correct, the lack of continuous usage made the test inconclusive. Google dismissed the submission because the activity dropped off too early. #Issue 3: No Evidence of Real Activity (Logs, Tracking, or Records) By the third attempt, we finally kept twelve testers active for the entire duration, but we failed to capture what they did. There were no logs showing feature flows, no tracking to confirm event sequences, and no recordings for actions tied to sensitive permissions. From Google's viewpoint, the numbers in the dashboard had nothing to support them. Without verifiable evidence, the review team treated the activity as unreliable and rejected the build again. What Finally Helped Us Pass Google Play Closed Testing To fix the issues in the earlier attempts, the team reorganized the entire test instead of adding more testers at random. Everything was structured so Google could see consistent, authentic behaviour from real users. A larger tester group created a more reliable activity curve The previous rounds didn’t generate enough meaningful activity, so we increased the number of people involved. The larger group created a more natural engagement pattern that gave Google more complete usage signals to review. Extending the testing period from 14 to 17 consecutive days To avoid the early drop-off that hurt our earlier attempts, we kept the test running a little longer than the minimum 14 days. The longer duration prevented mid-test gaps and helped Google see continuous interaction across multiple days. Introducing a detailed daily checklist so testers covered the right flows Instead of letting everyone tap around freely, we provided a short list of the core actions Google needed to observe. A clear checklist guided testers through specific actions each day, producing consistent evidence for the features Google needed to verify. Enabling device-level tracking and full system logs Earlier data was too thin to validate behaviour, so we enabled device-level tracking and full system logs to review and later align with Google’s dashboard. This fixed the “invisible activity” issue from the earlier rounds and gave the review team something concrete to validate. Having testers record short videos of their actions Some flows involving permissions weren’t reflected clearly in logs, so testers recorded short clips when performing these tasks. These videos provided direct confirmation of how camera, file access and upload flows worked. Adding small features and content to encourage natural engagement The previous builds didn’t encourage repeated use, so we added minor features and content updates to create more realistic daily engagement. These adjustments helped testers interact with the app in a way that resembled real usage, not surface-level taps. Release Access Form: A Commonly Overlooked Step in the Approval Process After Closed Testing is completed, Google requires developers to submit the Release Access Form before the app can move forward in the publishing process. It sounds simple, but the way this form is written has a direct influence on the final review. Taking the form seriously, paired with the testing evidence we had already prepared, helped our final submission go through smoothly on the fourth attempt. Here’s what became clear when we worked through it: The answers must reflect the real behaviour of the app — especially the sections on intended use and where user data comes from. Any mismatch creates doubt. Google expects clear descriptions of features, user actions and the scope of testing. Vague explanations often slow the process down. Looking at how other developer communities handled this form helped us understand the phrasing that aligns with Google’s criteria. Final Thoughts Closed Testing is ultimately about proving that your app behaves like a real, ready-to-ship product. Most teams lose time because they only react after a rejection; we prevent 80% of those rejections long before you ship. If you want fewer surprises and a tighter, lower-risk review cycle, talk to us and Haposoft will run the entire review cycle for you.

Cloudflare is facing a major global outage that has disrupted DNS resolution, CDN traffic and several core network services. The issue began early on November 18, 2025 and quickly affected many of the world’s biggest platforms, including OpenAI, X, Canva and other sites that rely on Cloudflare for performance and security. As Cloudflare works to stabilize its systems, many websites may load slowly, show error messages or fail to respond entirely. This guide explains what is happening and what you can do right now to keep your website online. What’s Going On With Cloudflare Right Now? Cloudflare is investigating a major global outage that began around 6:40 a.m. ET on 18 November 2025 and quickly triggered elevated error rates across multiple regions. Thousands of users reported HTTP 500 internal errors, failed API calls and an inability to access Cloudflare’s dashboard or API endpoints. According to multiple reports from Reuters, AP News and Tom’s Hardware, websites depending on Cloudflare’s CDN or proxy layer simply stopped loading. High-profile platforms including OpenAI, X and Canva were among the most visibly affected, with users encountering timeouts, missing content or Cloudflare challenge errors when trying to access core features. Cloudflare’s CEO acknowledged the disruption and noted that the company saw an unexpected spike in traffic and CPU load that impacted both primary and secondary systems. This instability rippled across Cloudflare’s network, which carries more than 20 percent of global web traffic, according to the Financial Times. While some regions are showing early signs of recovery, Cloudflare has warned that intermittent downtime may continue until the network fully stabilizes. Why So Many Services Went Down Cloudflare’s outage is touching several critical layers of its global network. This is why so many unrelated platforms are failing at the same time. While the scope may vary by region, most disruptions fall into four main areas. These are the services experiencing the most visible impact: DNS resolution: Domains may fail to resolve entirely or return intermittent NXDOMAIN and SERVFAIL errors, making websites appear offline even if servers are healthy. CDN and edge delivery: Users may see slow loading, missing content or 522 and 523 connection errors as traffic struggles to reach Cloudflare’s edge locations. API and Workers: Developers may notice higher latency, failed executions or dropped requests due to instability in Cloudflare’s compute and routing layer. Zero Trust and Email Routing: Authentication, access policies and email rewriting may behave inconsistently, causing login delays or undelivered messages. Websites may appear offline even though the backend is functioning normally. APIs may time out or fail entirely. Some platforms experience slower global performance due to degraded edge capacity. Email routing and authentication services relying on Cloudflare may process more slowly or return errors. For businesses building on Cloudflare, these issues can interrupt workflows, customer access and production systems until the network fully recovers. Emergency Steps to Keep Your Website Running If your website or API relies on Cloudflare, you can take several immediate actions to restore access while Cloudflare continues to recover. These steps focus on bypassing unstable Cloudflare layers and re-routing critical traffic. 1. If Your Domain Uses Cloudflare DNS Moving your domain away from Cloudflare’s DNS temporarily can restore service for most websites. What to do: Change your NameServers back to your domain registrar’s defaults (GoDaddy, Namecheap, MatBao, PAVietnam and others). Or switch to a reliable alternative such as Amazon Route 53. Recreate your existing DNS records (A, AAAA, CNAME, MX and TXT) exactly as they were. This ensures DNS resolution is handled by a stable provider until Cloudflare fully recovers. 2. If You Use Cloudflare Proxy or CDN Cloudflare’s orange-cloud proxy is heavily affected during global outages. Disabling it allows traffic to go directly to your server. You can: Turn off proxy mode so the DNS entry becomes DNS Only. Or point your domain directly to your server’s IP using another DNS provider. This bypasses Cloudflare’s edge entirely and routes requests straight to your origin. 3. If You Rely on Cloudflare Workers, Email Routing or Zero Trust These services may not function reliably under current conditions. Temporary workarounds include: Switching back to your original email provider’s MX records such as Google Workspace, Microsoft 365 or any self-hosted solution. Routing API traffic directly to your backend servers instead of through Workers. Pausing Zero Trust policies that depend on Cloudflare for authentication. Important Notes DNS propagation can take anywhere from a few minutes to an hour depending on your TTL. Do not delete your Cloudflare zone. This complicates restoration once the network stabilizes. Large websites or systems under heavy traffic should test load immediately after switching. Preventing Future Outages While Cloudflare is usually reliable, this incident shows how a single point of failure can affect many unrelated platforms. Businesses that depend on Cloudflare for DNS, CDN, security and API routing should plan for resilience rather than assuming perfect uptime. Build DNS Redundancy DNS is the first layer that fails during a Cloudflare outage. Having a secondary DNS provider allows your domain to stay reachable even if one provider goes down. Reliable options include: ​​​​​Amazon Route 53 Google Cloud DNS NS1 Akamai DNS Made Easy A multi-DNS setup ensures that traffic can be rerouted instantly whenever one network experiences instability. Use More Than One CDN When Possible If your website or application relies heavily on Cloudflare’s edge, consider using a backup CDN for static assets or heavy traffic routes. This prevents a full shutdown if Cloudflare’s delivery network becomes slow or unavailable. Common backup choices include Fastly, CloudFront or Akamai. Design Systems for Failure Modern applications need to assume that providers can fail unexpectedly. A resilient architecture spreads critical services across multiple layers and avoids complete reliance on any single vendor. Practical improvements: Keep a direct IP access path for emergencies Store a copy of static assets outside Cloudflare Use health checks that can switch traffic when errors spike Avoid routing core authentication or critical APIs through a single proxy By preparing ahead, you reduce the risk of a global outage disrupting your customers or internal operations. Final Thoughts and How Haposoft Can Support You Today’s Cloudflare outage is a reminder that even the most trusted internet providers can experience large-scale failures. When core layers like DNS, CDN or security proxies go down, the ripple effect reaches millions of users and businesses within minutes. The best defense is preparation: redundancy, fallback routing and resilient infrastructure. If your website or system is still experiencing issues or you want to avoid disruptions like this in the future, Haposoft can step in immediately. Haposoft Can Help You Stabilize Your Website Right Now Our team can assist with: Reconfiguring DNS records on Route 53 or your registrar Bypassing Cloudflare proxy and routing traffic directly to your servers Restoring API access and email flow without waiting for Cloudflare’s full recovery We can guide you through the entire process so your website comes back online as fast as possible. Improve Reliability with Haposoft’s AWS Solutions Beyond emergency fixes, Haposoft provides end-to-end AWS consulting to help you build stronger and more resilient systems. Our AWS services include: Designing multi-DNS and multi-region architecture Setting up Route 53 with health checks and failover routing Deploying CloudFront as a high-availability CDN alternative Migrating critical services to fault-tolerant AWS infrastructure Implementing monitoring, alerts and disaster-recovery plans If you want your platform to withstand outages like today’s event, Haposoft can help you build the kind of cloud architecture that stays online even when major providers stumble.

As VOD libraries expand, broadcasters face rising storage demands and slower data access. To address that, we propose a model using Amazon S3 video storage that keeps media scalable, secure, and cost-efficient over time. Why Amazon S3 Video Storage Fits Modern VOD Workflows Launched on March 14 2006, Amazon S3 began as one of the first public cloud storage services. The current API version—2006-03-01—has remained stable for nearly two decades while continuously adding new capabilities such as lifecycle automation, reduced storage tiers, and improved console features. Over more than 15 years of updates, S3 has grown far beyond “a storage bucket” into a global object storage platform that supports replication, logging, and analytics at scale. According to Wikipedia, the number of stored objects increased from about 10 billion in 2007 to more than 400 billion in 2023—illustrating how it scales with worldwide demand for AWS cloud storage and video streaming workloads. Key technical advantages of Amazon S3 video storage: Scalability: Pay only for the data you use—no pre-provisioning or capacity limits. Durability: Designed for 99.999999999 percent (“11 nines”) data durability, ensuring media integrity over time. Cost flexibility: Multiple storage classes allow efficient tiering from frequently to rarely accessed content. Deep AWS integration: Works seamlessly with CloudFront, Lambda, Athena, and Glue to handle video processing and delivery. Security and compliance: Versioning, Object Lock, and CloudTrail logging meet broadcast-grade data-governance requirements. With this maturity, scalability, and reliability, Amazon S3 video storage has become the natural foundation for broadcasters building modern VOD systems. Solution Architecture: Multi-Tier VOD Storage on Amazon S3 The broadcasting team built its VOD system around Amazon S3 video storage to handle about 50 GB of new recordings each day — nearly 18 TB per year. The goal was simple: keep all video available, but spend less on storage that’s rarely accessed. Instead of treating every file the same, the data is separated by lifecycle. New uploads stay in S3 Standard for quick access, while older footage automatically moves to cheaper tiers such as Standard-IA and Glacier. Cross-Region Replication creates a copy in another region for disaster recovery, and versioning keeps track of every edit or replacement. This setup cuts monthly cost by more than half compared with storing everything in a single class. It also reduces manual work - files move, age, and archive automatically based on defined lifecycle rules. The rest of this section breaks down how the system works in practice. (AWS Best Practice) System Overview The storage system is split into a few simple parts, each doing one clear job. Primary S3 bucket (Region A – Singapore): This is where all new videos land after being uploaded from local studios. Editors and producers can access these files directly for a few months while the content is still fresh and often reused. Lifecycle rules for auto-tiering: After the first three months, the system automatically shifts older objects to cheaper storage tiers. It’s handled through lifecycle rules, so there’s no need to track or move files manually. Cross-Region Replication (Region B – Tokyo): Every new file is copied to another region for redundancy. If one region fails or faces downtime, all data can still be restored from the secondary location. Access control and versioning: Access policies define who can read or modify content, while versioning keeps a full history of changes — useful when editors replace or trim video files. Together, these components keep the VOD archive easy to manage: new content stays fast to access, archived footage stays safe, and everything costs far less than a one-tier setup. Optimizing with AWS Storage Classes Each phase of a video’s lifecycle maps naturally to a different AWS storage class. In the early stage, new uploads stay in S3 Standard, where editors still access them frequently for editing or scheduling broadcasts. After the first few months, when the files are mostly finalized, they shift to S3 Standard-IA, which keeps the same quick access speed but costs almost half as much. As the archive grows, older footage that is rarely needed moves automatically to S3 Glacier Instant Retrieval, where it remains available for years at a fraction of the price. Content that only needs to be retained for compliance or historical purposes can be stored safely in S3 Glacier Flexible Retrieval or Deep Archive, depending on how long it needs to stay accessible. This tiered structure keeps the storage lean and predictable. Costs fall gradually as data ages while every file remains retrievable whenever required, something that traditional on-premise systems rarely achieve. It allows broadcasters to manage expanding VOD libraries without overpaying for high-performance storage that most of their content no longer needs. Storage Class Use Case Access Speed Cost Level Typical Retention S3 Standard New uploads and frequently accessed videos Milliseconds High 0–90 days S3 Standard-IA Less-accessed content, still in rotation Milliseconds Medium 90–180 days S3 Glacier Instant Retrieval Older videos that may need quick access Milliseconds Low 6–12 months S3 Glacier Flexible Retrieval Archival content, rarely accessed Minutes to hours Very low 1–3 years S3 Glacier Deep Archive Historical backups or compliance data Hours Lowest 3+ years Automating Data Tiering with Amazon S3 Lifecycle Policy Manually tracking which videos are old enough to move to cheaper storage becomes unrealistic once the archive grows to terabytes. To avoid that, the team set up an Amazon S3 lifecycle policy that automatically transitions data between storage tiers depending on how long each object has been in the bucket. This approach removes manual work and ensures that every file lives in the right tier for its age and access frequency. The rule applies to all objects in the vod-storage-bucket. For roughly the first three months, videos remain in S3 Standard, where they are frequently opened by editors and producers for re-editing or rebroadcasting. After 90 days, the lifecycle rule moves those files to S3 Standard-IA, which keeps millisecond-level access speed but costs around 40% less. When videos reach about six months old, they are transitioned again to S3 Glacier Instant Retrieval, which provides durable, low-cost storage while still allowing quick restores when needed. After three years, the system automatically deletes expired files to keep the archive clean and avoid paying for data no one uses anymore. Below is the JSON configuration used for the policy: What this policy does: After 90 days, objects are moved from S3 Standard to S3 Standard-IA. After 180 days, the same objects move to S3 Glacier Instant Retrieval. After 3 years (1,095 days), the data is deleted automatically. This way, fresh content stays fast, older content stays cheap, and the archive never grows forever. Ensuring Redundancy with Cross-Region Replication (S3 CRR) When broadcasters archive years of video, the question isn’t just cost — it’s “what if a region goes down?” To keep content recoverable, the system enables S3 Cross-Region Replication (CRR). Each new or updated file in the primary bucket is automatically copied to a backup bucket in another AWS region. This setup uses a simple AWS CLI command: When CRR is active, every object uploaded to the vod-storage-bucket is duplicated in vod-backup-bucket, stored in a different region such as Tokyo. If the main region suffers an outage or data loss, the broadcaster can still restore or stream files from the backup. Besides disaster recovery, CRR supports compliance requirements that demand off-site backups and version protection. It also gives flexibility: the destination can use a lower-cost storage class, cutting replication expenses while keeping full data redundancy. Cost Analysis: Amazon S3 Pricing for VOD Workloads To evaluate the actual savings, the team estimated the monthly cost of storing roughly 18 TB of VOD data on Amazon S3. If everything stayed in S3 Standard, the cost would reach about $0.023 per GB per month, or nearly $414 USD in total. This flat setup is simple but inefficient, as older videos that are rarely accessed still sit in the most expensive storage class. With lifecycle tiering enabled, the same 18 TB is distributed across several classes based on how often each dataset is used. Around 4.5 TB of recent videos remain in S3 Standard for fast access, another 4.5 TB shifts to S3 Standard-IA, and the rest (about 9 TB) moves to S3 Glacier Instant Retrieval for long-term retention. Based on AWS’s current pricing, this mix brings the total monthly cost down to around $195–$200, cutting storage expenses by over 50 percent while keeping all assets available when needed. Storage Segment Approx. Volume Storage Class Price (USD / GB / month) Estimated Monthly Cost New videos (0–90 days) 4.5 TB S3 Standard $0.023 ~$103.5 90–180 days 4.5 TB S3 Standard-IA $0.0125 ~$56.25 180 days+ 9 TB S3 Glacier IR $0.004 ~$36 Total 18 TB — — ~$195.75 Final Thoughts The VOD storage model built on Amazon S3 shows how broadcasters can balance scale, reliability, and cost in one system. By combining lifecycle policies, multi-tier storage, and cross-region replication, the workflow stays simple while infrastructure costs drop sharply. With Amazon S3 video storage, broadcasters can scale their VOD systems sustainably and cost-effectively — turning storage from a fixed cost into a flexible, data-driven resource. If your team is looking to modernize or optimize an existing VOD platform, Haposoft can help assess your current setup and design a tailored AWS storage strategy that grows with your needs.

On October 20, 2025, an outage in AWS’s us-east-1 region took down over sixty services, from EC2 and S3 to Cognito and SageMaker, disrupting businesses worldwide. It was a wake-up call for teams everywhere to rethink their cloud architecture, monitoring, and recovery strategies. Overview of the AWS us-east-1 Outage On October 20, 2025, a major outage struck Amazon Web Services’ us-east-1 region in Northern Virginia. This region is among the busiest and most relied upon in AWS’s global network. The incident disrupted core cloud infrastructure for several hours, affecting millions of users and thousands of dependent platforms worldwide. According to AWS, the failure originated from an internal subsystem that monitors the health of network load balancers within the EC2 environment. This malfunction cascaded into DNS resolution errors, preventing key services like DynamoDB, Lambda, and S3 from communicating properly. As a result, applications depending on those APIs began timing out or returning errors, producing widespread connectivity failures. More than sixty AWS services, including EC2, S3, RDS, CloudFormation, Elastic Load Balancing, and DynamoDB were partially or fully unavailable for several hours. AWS officially classified the disruption as a “Multiple Services Operational Issue.” Though temporary workarounds were deployed, full recovery took most of the day as engineers gradually stabilized the internal networking layer. Timeline and Scope of Impact Event Details Start Time October 20, 2025 – 07:11 UTC (≈ 2:11 PM UTC+7 / 3:11 AM ET) Full Service Restoration Around 10:35 UTC (≈ 5:35 PM UTC+7 / 6:35 AM ET), with residual delays continuing for several hours Region Affected us-east-1 (Northern Virginia) AWS Services Impacted 64 + services across compute, storage, networking, and database layers Severity Level High — classified as a multiple-service outage affecting global API traffic. Status Fully resolved by late evening (UTC+7), October 20 2025. During peak impact, major consumer platforms, including Snapchat, Fortnite, Zoom, WhatsApp, Duolingo, and Ring, etc reported downtime or degraded functionality, underscoring how many global services depend on AWS’s Virginia backbone. AWS Services Affected During the Outage The outage affected a broad range of AWS services across compute, storage, networking, and application layers. Core infrastructure saw the heaviest impact, followed by data, AI, and business-critical systems. Category Sub-Area Impacted Services Core Infrastructure Compute & Serverless AWS Lambda, Amazon EC2, Amazon ECS, Amazon EKS, AWS Batch Storage & Database Amazon S3, Amazon RDS, Amazon DynamoDB, Amazon ElastiCache, Amazon DocumentDB Networking & Security Amazon VPC, AWS Transit Gateway, Amazon CloudFront, AWS Global Accelerator, Amazon Route 53, AWS WAF AI/ML and Data Services Machine Learning Amazon SageMaker, Amazon Bedrock, Amazon Comprehend, Amazon Rekognition, Amazon Textract Data Processing Amazon EMR, Amazon Kinesis, Amazon Athena, Amazon Redshift, AWS Glue Business-Critical Services Communication Amazon SNS, Amazon SES, Amazon Pinpoint, Amazon Chime Integration & Workflow Amazon EventBridge, AWS Step Functions, Amazon MQ, Amazon API Gateway Security & Compliance AWS Secrets Manager, AWS Certificate Manager, AWS Key Management Service (KMS), Amazon Cognito These layers failed in sequence, causing cross-service dependencies to break and leaving customers unable to deploy, authenticate users, or process data across multiple regions. How the Outage Affected Cloud Operations When us-east-1 went down, the impact wasn’t contained to a few services, it spread through the stack. Core systems failed in sequence, and every dependency that touched them started to slow, timeout, or return inconsistent data. What followed was one of the broadest chain reactions AWS has seen in recent years. 1. Cascading Failures The multi-service nature of the outage caused cascading failures across dependent systems. When core components such as Cognito, RDS, and S3 went down simultaneously, other services that relied on them began throwing exceptions and timing out. In many production workloads, a single broken API call triggered full workflow collapse as retries compounded the load and spread the outage through entire application stacks. 2. Data Consistency Problems The outage severely disrupted data consistency across multiple services. Failures between RDS and ElastiCache led to cache invalidation problems, while DynamoDB Global Tables suffered replication delays between regions. In addition, S3 and CloudFront returned inconsistent assets from edge locations, causing stale content and broken data synchronization across distributed workloads. 3. Authentication and Authorization Breakdowns AWS’s identity and security stack also experienced significant instability. Services like Cognito, IAM, Secrets Manager, and KMS were all affected, interrupting login, permission, and key management flows. As a result, many applications couldn’t authenticate users, refresh tokens, or decrypt data, effectively locking out legitimate access even when compute resources remained healthy. 4. Business Impact Scenarios The outage hit multiple workloads and customer-facing systems across industries: E-commerce → Payment and order-processing pipelines stalled as Lambda, API Gateway, and RDS timed out. SES and SNS failed to deliver confirmation emails, affecting checkout flows on platforms like Shopify Plus and BigCommerce. SaaS and consumer apps → Authentication via Cognito and IAM broke, causing login errors and session drops in services like Snapchat, Venmo, Slack, and Fortnite. Media & streaming → CloudFront, S3, and Global Accelerator latency led to buffering and downtime across Prime Video, Spotify, and Apple Music integrations. Data & AI workloads → Glue, Kinesis, and SageMaker jobs failed mid-run, disrupting ETL pipelines and inference services; analytics dashboards showed stale or missing data. Enterprise tools → Office 365, Zoom, and Canva experienced degraded performance due to dependency on AWS networking and storage layers. Insight: The outage showed that even “multi-AZ” redundancy within a single region isn’t enough. For critical workloads, true resilience requires cross-region failover and independent identity and data paths. Key Technical Lessons and Reliable Cloud Practices The us-east-1 outage exposed familiar reliability gaps — single-region dependencies, missing isolation layers, and reactive rather than preventive monitoring. Below are consolidated lessons and proven practices that teams can apply to build more resilient architectures. 1. Avoid Single-Region Dependency One of the clearest takeaways from the us-east-1 outage is that relying on a single region is no longer acceptable. For years, many teams treated us-east-1 as the de facto home of their workloads because it’s fast, well-priced, and packed with AWS services. But that convenience turned into fragility: when the region failed, everything tied to it went down with it. The fix isn’t complicated in theory, but it requires architectural intent: run active workloads in at least two regions, replicate critical data asynchronously, and design routing that automatically fails over when one region becomes unavailable. This approach doesn’t just protect uptime, it also protects reputation, compliance, and business continuity. 2. Isolate Failures with Circuit Breakers and Service Mesh The outage highlighted how a single broken dependency can quickly cascade through an entire system. When services are tightly coupled, one failure often leads to a flood of retries and timeouts that overwhelm the rest of the stack. Without proper isolation, even a minor disruption can escalate into a complete service breakdown. Circuit breakers help contain these failures by detecting repeated errors and temporarily stopping requests to the unhealthy service. They act as a safeguard that gives systems time to recover instead of amplifying the problem. Alongside that, a service mesh such as AWS App Mesh or Istio applies these resilience policies consistently across microservices, without requiring any change to application code 3. Design for Graceful Degradation One of the biggest lessons from the outage is that a system doesn’t have to fail completely just because one part goes down. A well-designed application should be able to degrade gracefully, keeping essential features alive while less critical ones pause. This approach turns a potential outage into a temporary slowdown rather than a total shutdown. In practice, that means preparing fallback paths in advance. Cache responses locally when databases are unreachable, serve read-only data when write operations fail, and make sure authentication remains available even if analytics or messaging features are offline. These small design choices protect user trust and maintain service continuity when infrastructure falters. 4. Strengthen Observability and Proactive Alerting During the us-east-1 outage, many teams learned about the disruption not from their dashboards, but from their users. That delay cost hours of downtime that could have been mitigated with better observability. Building a resilient system starts with seeing what’s happening — in real time and across multiple data sources. To achieve that, monitoring should extend beyond AWS’s native tools. Combine CloudWatch with external systems like Prometheus, Grafana, or Datadog to correlate metrics, traces, and logs across services. Alerts should trigger based on anomalies or trends, not just static thresholds. And most importantly, observability data must live outside the impacted region to avoid blind spots during regional failures. 5. Build for Automated Recovery and Test Resilience The outage showed that relying on manual recovery is a costly mistake. When systems fail at scale, waiting for human response wastes valuable time and magnifies the impact. A reliable system must detect problems automatically and trigger recovery workflows immediately. CloudWatch alarms, Step Functions, and internal health checks can restart failed components, promote standby databases, or reroute traffic without human input. The best teams also treat recovery as a continuous process, not an emergency fix, ensuring automation is built, tested, and improved over time. True resilience goes beyond automation. Regular chaos experiments help verify that recovery logic works when it truly matters. Simulating database timeouts, service latency, or full region loss exposes weak points before real failures do. When recovery and testing become routine, teams stop reacting to incidents and start preventing them. Action Plan for Teams Moving Forward The AWS outage reminded us that no cloud is truly fail-proof. We know where to go next, but meaningful change takes time. This plan helps teams make steady, practical improvements without disrupting what already works. Next 30 days Review how your workloads depend on AWS services, especially those concentrated in a single region. Set up baseline monitoring that tracks latency, errors, and availability from outside AWS. Document incident playbooks so response steps are clear and repeatable. Run small-scale failover tests to confirm that backups and DNS routing behave as expected. Next 3–6 months Roll out multi-region deployment for high-impact workloads. Replicate critical data asynchronously across regions. Introduce controlled failure testing to verify that automation and fallback logic hold up under stress. Begin adding auto-recovery or self-healing workflows for key services. Next 6–12 months Evaluate hybrid or multi-cloud options to reduce vendor and regional risk. Explore edge computing for latency-sensitive use cases. Enhance observability with AI-assisted alerting or anomaly detection. Build a full business continuity plan that covers both technology and operations. Haposoft has years of hands-on experience helping teams design, test, and scale reliable AWS systems. If your infrastructure needs to be more resilient after this incident, our engineers can support you in building, testing, and maintaining that foundation. Cloud outages will always happen. What matters is how ready you are when they do. Conclusion That hiccup in AWS us-east-1 showed just how vulnerable everything is, actually. Now it’s about learning to bounce back, running drills, then getting ready for what happens next time. True dependability doesn’t appear instantly; instead, it grows through consistent little fixes so things don’t fall apart when trouble strikes. We’re still helping groups create cloud setups meant to withstand failures. This recent disruption teaches us lessons; consequently, our future builds will be more robust, straightforward, also ready for whatever happens.