The Arch Linux team has once again been forced to respond to a distributed denial-of-service attack targeting its AUR repository infrastructure. As a result, DDoS protection has been enabled for aur.archlinux.org to help mitigate the ongoing disruption.
While this measure helps keep the AUR website accessible, it has introduced a significant side effect: pushing to the AUR is currently not possible.
Then why go against the AUR and not the official mirrors? The former isn’t always exactly the epitome of securely packaged trusted applications
Just spitballing, because honestly the amount of effort that must go into sustaining this attack in the long term just baffles me. Like, why?
It costs, like $10 to rent a botnet for a couple-hour attack.