For the most recent updates, see /service-updates
1. I am unable to reliably access Zoho services this week. What is happening?
We're facing a criminal cyber-attack called a DDoS (Distributed Denial of Service) aimed at denying access to genuine users of our services. This started on Nov 4, 2015. Updates are available at https://blogs.zoho.com/service-updates and we're also posting on our @Zoho Twitter handle.
2. How are you planning to mitigate this attack?
Our network and infrastructure teams have been working – non-stop - on mitigating these attacks since they started. We have received and handled many of them already. We are also working with other experts to erect various defenses, using multiple approaches.
3. When will services be fully restored?
Unfortunately, this kind of attack makes this unknowable. These are criminals using the internet to extort companies and deny service to their paying customers. If past experience of other companies is any guide, such attacks can last from hours to days. Rest assured that we are doing our best and working with all the right people to mitigate these attacks and will keep you posted.
4. Is my data safe?
Yes, all your data will remain safe and sound. You may not be able to access your data reliably, given the unpredictability of the multiple attack sequences, but you will not lose any data.
5. Do I need to change my password?
No, you do not need to change your existing password. However, you may experience disruption in accessing services.
6. Will I get all emails sent to me? Will emails get lost?
You will not lose messages sent to you. Email messages may be held up in various hops on the internet as they make their way to our servers. They will remain there until they can reach our servers. Delivery will be automatically retried, usually for several days.
7. I'm not able to get mail on my phone. Why is POP and IMAP email not working?
POP and IMAP traffic has been blocked as of now, as it poses attack and performance risk. So you may not be able to receive mail on your smartphone. We are working through alternatives to address this. In the meantime, Zoho webmail will work (whenever our services are not under immediate attack). You can also install the Zoho Mail app on your smartphone from any app store. That will continue to work. Incoming mail is hugely delayed, so this will impact your use.
8. I am unable to receive incoming mail that's critical to my business. What's being done?
Incoming mail continues to be delayed. Messages may often arrive out-of-turn. As we mentioned elsewhere, rerouting traffic to mitigate attacks has added various network hops and this has slowed things down. Services have been a lot slower and mail is really delayed. We are currently investigating the mail delay issues.
9. As a Zoho user, is there anything I can do to help?
Although, we're doing everything we can to fight this attack, access to Zoho services might be intermittent. Your patience, support, and intolerance for criminal intent will be greatly appreciated during this period.
10. Zoho hosts our website and we depend on you for our business. Why were these down?
The attacker had used our own customer sites to launch the attack (so they can gain legitimately gain access to our servers), so we had to shut them down. These are now being restored.
11. What should customers hosting websites with Zoho expect?
Many customers have asked about this same issue. If your website is hosted with Zoho Sites, please follow these steps to ensure that your website is accessible:
- Login to your domain manager, forward the root domain (yourdomain.com) to www.yourdomain.com using the domain forwarding option
- If you've already added an A Record that is pointing to 18.104.22.168, remove it
- Make sure you've added a CNAME Record with host name www, pointing to zhs.zohosites.com
- Login to your site builder and set www.yourdomain.com (domain name with www) as the primary domain
Note: The term domain forwarding is also commonly known as URL forwarding, web forwarding, URL redirect etc. The changes made in your domain manager should take effect in a couple of hours, depending on your domain provider. If you still need help contact firstname.lastname@example.org.
12. My mail still does not work. Could my MX record be off?
You may know that your domain (eg, yourcompany.com) has something called an MX record that points to an email server configured to process email for your domain. We have noticed that some customers use an exact Zoho IP address in their MX records to specify the mail server. This is NOT recommended practice.
16 Replies to Answers to frequent questions
Keep up the good work! The community is on your side!!
Hello, can you please clarify how within Zoho Sites to set the "www" subdomain as primary? This doesn't seem possible when I click on the two domains (root and "www" sub) within the settings management on Zoho Sites. Thanks
Hello, In the directions that were sent, when I try to switch the "www" subdomain to primary within Zoho Sites -> Manage -> Settings -> Domains, this does not seem possible. Clicking on the "www" subdomain does nothing, and clicking on the root domain brings up a message that says "This domain is already marked as primary". Could you please explain?
We have fixed the issue with switching primary/secondary domains. You should now be able to change the primary domain in your website.
Hi Zoho team, keep up the good work. I understand that the complexity of mitigating DDOS attacks is dependent on the size of the attack. When all of this is over, I would love to have a post-mortem analysis of the attack. Thanks a lot for the great service and kudos for not caving in to criminals' demands like proton mail did.
Hi Zoho Team, We run a mass Email Out, I can still schedule, but my concern right now does it affect the numbers of open rates, etc???? Hope everything well be okay. Thanks!
You can still send emails out and they will quickly get to their destinations (customers). Call this path 1. Incoming mail, call this path 2, still suffers large delays (because of bottlenecks added by the temporary new routing complexity to mitigate attacks). Thus, you will know about open rates much later (1-2) and customers will be unpredictably delayed in seeing your responses to them (1-2-1). Since path 2 is in both, I would not recommend running email campaigns until this is sorted out. Really sorry for the inconvenience.
We depend on POP for incoming mail to desktop Outlook. None received today until closing: 2 spams came through. When will we receive any "banked" incoming that did not come through before? Thanks. Zoho rocks.
Hey! I totally understand this is not your fault although I do have a major concern. The service temporarily resumed and I received some newer emails via pop3 however previous 'lost' emails didn't come through. I realise it says in your post that emails could be held up in hops - is this definitely the case even though I have received newer emails? Please excuse my ignorance :) Cheers,
Please read this blog post: https://wp.me/p2CKhX-8Vt
Keep up the good work. I've administered servers that were under DDoS and I know how unbelievably difficult it is to mitigate them. Good luck and don't give in.
Having worked in Information Security / Digital Forensics for many years I completely understand what you guys are going thru & know the challenges you're facing... you have my sympathy as well as my SUPPORT.
Are the API calls going through? Are we losing leads coming from websites?
We are having errors while login iin to our support portal and Zoho CRM. Please advise on what the problem could be
We understand your problem but if this continues, we are obliged to look for alternative and stop us subscription. If you are not a solution to this problem, we ask a compensation for the loss and proper functioning of our administration. We would like to receive your solution for this problem Luc Bergen
Hi Zoho Team While the current disruptions are frustration, we totally understand and are grateful for your good work in overcoming these criminal attacks. Keep up the good work and we look forward to good news that you have overcome these attacks soon. We trust that you are doing everything you can.