AUR Repository Still Under DDoS Attack

If you use Arch Linux, you know about Arch User Repository (AUR), which houses a large number of user-submitted applications. As well, if you've been paying attention to Linux news, you know that the AUR has been under a distributed denial-of-service (DDoS) attack for two weeks now.

In addition to the attack on AUR, Arch's main web page and forums have also been under attack. The good news is that both the web page and forum are now available (at least for some -- I was able to reach both).

At the moment, it seems someone has released a botnet to bring down the repository. Regarding recent service outages, the Arch developers have said, "We are aware of the problems that this creates for our end users and will continue to actively work with our hosting provider to mitigate the attack." They continue with, "We are also evaluating DDoS protection providers while carefully considering factors including cost, security, and ethical standards."

For those who need access to those pages, the Arch developers suggest using a mirror from the pacman-mirrorlist package during the outage. As for ISOs, they also suggest using a mirror (such as the DevOps-administered geomirrors, which is signed by 0x3E80CA1A8B89F69CBA57D98A76A5EF9054449A5C). There is also a mirror of AUR on GitHub, where you can retrieve a package using git. If you're looking for documentation, you can go to the arch-wiki-docs and the arch-wiki-light, both of which contain recent snapshots of the articles that have been posted on the Arch Linux Wiki.