Hello!
Today I had a small blip of activity with vault.bitwarden.com where it gave me something like: “Sorry, you have been blocked, you are unable to access web-vault.pages.dev”. (it was a cloudflare thing)
Looking at whois for that URL doesn’t give me any indication it’s owned by bitwarden, and I did not log into that URL, but I can see a duplicate bitwarden vault login page there if I visit that site.
Can anyone shed some light on what the heck happened?
Hi ctooley, welcome to the Bitwarden community! It does appear there was a small blip as you state, and during that time the Cloudflare URL used by Bitwarden was visible. We are looking into how we can document this.
That is incredibly relieving to hear, thank you!
I’m seeing this for the first time today from our office network. Did you resolve it by contacting Cloudflare? Do you know what caused the block?
It cleared itself up after about 5-10 minutes for me when it happened.
Thanks all, the team is investigating.
I’ve also experienced this problem this morning. Do you recommend that I just wait and try to log in later on to see if it has been resolved?
Is the web-vault.pages.dev domain owned by Bitwarden?
Is this a development or production environment? I ask to be sure that my passphrase, secrets are not being unfortunately routed to a possibly less secure environment.
Can’t open bitwarden on new phone. What’s the advice on going forward?
We’re getting the same blocked message
Me too I can’t access and it show up have been block
Same here, good that it has been noticed before so the team is probably on it. However it says this topic has been solved but the “additional detail” is that it is still happening so who flagged it as “solved”. I will re-scan the thread but seems that there is only a preliminary identification of the issue not a solution.
I’m also blocked. I see it’s being worked on. I’d like to know if this is connected with an attempt to hack the vaults. It wasn’t so long ago that LastPass was breached.
Just trying to be proactive in my security.
I think it’s back up.
It wasn’t working for me 5 minutes ago but it’s back now.
PS I haven’t found this to be a common occurence.
Yeah, I just got back in as well. I’ve not had an issue like this since starting with Bitwarden. Anymore though, it’s good to be cautious.
Just as an FYI, this appears to be currently being tracked via the Bitwarden status page for this incident.
Just a reminder you can always check there for the latest, as well as setup notifications using the RSS feed.
Thanks for everyone in the community for the quick reporting, I’m sure that helps to get these issues on the radar for the team quicker.
I had marked it as solved as I no longer had the issue, I’ve marked it unsolved as it seems to be affecting more people intermittently. It would be reassuring to confirm whether the url is owned by bitwarden!
It looks pretty obviously like a subdomain owned by bitwarden unless it is spoofed, Why would anyone think it was not owned by bitwarden? It was kind of scary because yes we thought we were going to be locked out I personally spent a couple few hours making backups. Which should be done anyway, but the problem eventually did go away. It would be good to know what is going on please don’t mark it solved until there is an explanation from tech and assurance that the problem is contained thanks.
EDIT: Hit reply limit of 3 so in reference to the below post, presumably this just happened and as of one minute ago you are still locked out?
One thing that worked for me was to go to another browser or another computer where you are logged in and see if you can access your account that way. Which I did, and used that access to export backups. Before taking my chances with the backup, I manually went to each critical password file and copied the important passwords in case my login failed during the export. Please keep us advised as this issue develops. I hope it is due to server loading and not malicious actors but yeah I changed my bank password etc in case…
{ “statusCode”: 500, “message”: “Internal server error”, “activityId”: “00000000-0000-0000-0000-000000000000” } on page https://vault.bitwarden.com/#/
or
Cloudflare Ray ID: 796a6fbb8ae52848 • Performance & security by Cloudflare