Overview

• The main website, Arch User Repository, and Forums continue to experience partial outages in the second week of attacks, according to an August 22 update.
• Maintainers say they are working with their hosting provider and evaluating DDoS protection options with cost, security, and ethical standards in mind.
• Users are advised to rely on mirrors from the pacman-mirrorlist package for installs and updates and to verify installation media against official signatures.
• When the AUR is unreachable, Arch directs users to clone packages from its GitHub-hosted AUR repository using git.
• The project has not identified the attackers or motive and is keeping technical details of the attack and mitigations internal while the incident continues.