---
title: Temporarily disabling new user registrations
sha256: b8b065119670abaf17668e2ec70a7443a9b9b089ef382d66806b50fe80458062
type: source
source: newsletter
source_url: https://status.rubygems.org/incidents/cytf062tkwtt
review_value: 7
review_confidence: 8
review_recommendation: neutral
ingested: 2026-05-16
created: 2026-05-15
updated: 2026-05-15
---
Title: Temporarily disabling new user registrations
URL Source: https://status.rubygems.org/incidents/cytf062tkwtt
Warning: This page contains iframe that are currently hidden, consider enabling iframe processing.
Warning: This page maybe requiring CAPTCHA, please make sure you are authorized to access this page.
Warning: This is a cached snapshot of the original page, consider retry with caching opt-out.
Markdown Content:
## Update
The malicious spam activity against rubygems.org has stopped. The bot accounts responsible have been blocked and removed, and the 500+ malicious packages pushed during the attack have been yanked from the registry.
Registrations will remain closed while we coordinate with Fastly to enable WAF protection and tighten rate limiting on account creation. We expect this to take two to three days. We'll post another update when we're closer being ready to re-enable user registrations.
Gem installs and pushes for existing users are unaffected.
Posted 2 days ago. May 13, 2026 - 03:17 UTC
## Identified
Due to an ongoing DDoS attack against rubygems.org, we have temporarily disabled registrations. We'll share an update once we've made changes to protect legitimate users and prevent further abuse.
Posted 2 days ago. May 12, 2026 - 08:54 UTC