Update on WAF False Positives (Blocked VPN Users)

Hey ya'll, I'm Brad the platform engineer here at digg. I wanted to give a quick rundown of what happened with VPN users and let you know that we haven't intentionally blocked all VPN access.

Last night we rolled out a temporary WAF rule to filter out some malicious traffic. It was aimed at blocking some script kiddie activity that was being routed through VPS hosting providers, but it ended up snagging VPN users too.

I've tuned that rule to be more narrowly focused on specific abuse patterns and confirmed my own VPN works fine now from multiple exit nodes during general browsing.

You should be good to go again, but if you're still getting blocked let us know.