DiscussionSLA
Sign inSign up

SafeLine License Disconnection on Feb. 5 to 6, 2026 (GMT+8)

Published a month ago

# SafeLine WAF
Announcements

Published a month ago

profile_photo

Carrie-SafeLine

Admin

Updated a month ago

2

To All SafeLine Users,

On Feb. 5, 2026 (GMT+8), SafeLine team detected a malicious DDoS attack targeting SafeLine-related services and the online licensing system in China. After technical investigation and traffic analysis, we confirmed that this attack showed clear signs of deliberate human activity intended to disrupt normal operations in the cybersecurity industry.

During the service recovery process, additional network instability and configuration issues caused secondary disruptions, resulting in temporary access problems for the overseas website (SafePoint) and licensing services. We sincerely apologize for the inconvenience this caused to your operations and UX.

But we'd like to clarify that SafeLine local protection nodes operate independently and do not rely on continuous cloud connectivity. During the cloud-side disruption, all users’ local traffic forwarding and core protection functions continued running normally. Your production traffic and protection capabilities were not affected.

1. Impact Summary

  • During the Lite and Pro license disconnection, users were temporarily unable to access the management console.
    (Note: Even when the console was unavailable, WAF protection policies remained active and traffic protection was not interrupted.)

  • If users accidentally clicked “BACK TO PE” and downgraded to the free Personal Edition, configurations related to paid features would be lost.

2. Timeline and Root Causes

  • 2026-02-05 10:38 – 18:03 (DDoS Attack)
    Services in China were impacted by a DDoS attack, causing service disruption.

  • 2026-02-05 18:03 – 20:08 (Network Connectivity Issue)
    After initial recovery, a network connectivity problem on the infrastructure side caused license revalidation failures for domestic users whose licenses had already been restored. This issue was fully resolved at 20:08.

  • From 2026-02-05 23:05 (SafePoint SSL Certificate Issue)
    During the recovery process, a historical misconfigured SSL certificate was mistakenly loaded when restarting service containers. This caused certificate mismatch errors on SafePoint and licensing services. The issue was resolved around 2026-02-06 11:58(GMT+8).

3. Follow-up Improvements

We understand that stability is the foundation of any security product. In response to the shortcomings exposed in this incident — including infrastructure-level DDoS resilience and operational configuration management — we are conducting a comprehensive internal review and will implement the following measures:

  • Upgrading our infrastructure-level DDoS protection capabilities
  • Optimizing the license validation mechanism
  • Improving internal operational processes and adding stricter validation checks for critical configurations to prevent similar human errors in the future

Thank you for your patience and understanding during this incident, and for your continued support. If you have any questions, please feel free to reach out to us via Contact Us on our website or our Discord community

SafeLine Team
February, 2026

Related Posts
#
Config change port certificate ssl
#
Adding Anti-Bot Blocking Pages to Customize HTML Pages
#
Safeline WebUi
#
Hi, Do you have k8s support for safeline hosting?
#
Several questions
SafeLine License Disconnection on Feb. 5 to 6, 2026 (GMT+8) | SafePoint