LocalXpose
3 min read By LocalXpose Team

Incident Report: EU Region Service Disruption

On April 16, 2026, LocalXpose experienced service disruptions caused by Distributed Denial of Service (DDoS) attacks targeting our EU-based infrastructure.

Incident Report

On April 16, 2026, LocalXpose experienced service disruptions caused by Distributed Denial of Service (DDoS) attacks targeting our EU-based infrastructure. These attacks triggered automated protection systems at our cloud provider, leading to tunnel service failures in the EU region.

  • Affected Users: A subset of users on Basic and PRO plans in the EU region.
  • Non-Affected Users: Enterprise customers with dedicated instances remained stable.
  • Resolution: Our team collaborated with infrastructure providers to mitigate the attacks, increase capacity and restore full service.

Timeline of Events

April 16, 2026

  • 14:30 UTC: Initial detection of the DDoS attack due to internal monitoring and cloud provider notifications triggered by automatic activation of DDoS protection.

  • 14:34 UTC: Establishing communication with the cloud provider to coordinate mitigation.

  • 15:04 UTC: LocalXpose team begins deploying additional EU resources.

  • 15:32 UTC: All traffic to EU instances was restored.

  • 18:26 UTC: Traffic again blocked by cloud provider due to suspected DDoS attack.

  • 18:57 UTC: LocalXpose team migrates disrupted tunnels to additional EU capacity.

  • 19:04 UTC: All traffic to EU instances was restored.

User Impact & Recovery

Tunnels using EU Gateway servers were completely unavailable during peak incident windows. Enterprise customers and Tunnels using AP and US Gateway servers were unaffected.

  • Recovery Times: Individual experiences varied. However both incidents made our infrastructure unavailable in the EU region for about 1 hour, 30 minutes in total.

Our Response & Future Prevention

CategoryActions Taken & Planned
Immediate ActionsScaled resources in the affected region. Advanced network traffic diagnostic to find tunnels and contact users which may have been targeted by DDoS.
InfrastructureExpanding multi-cloud footprint to minimize single-provider impact.
MonitoringAdded additional alerting thresholds to enable faster detection of service deterioration.

Understanding DDoS Attacks

A Distributed Denial of Service (DDoS) attack involves multiple compromised systems overwhelming a target with traffic. Common types include:

  • Volumetric: Flooding the network with massive traffic.
  • Protocol: Exploiting vulnerabilities in network protocols.
  • Application Layer: Overwhelming specific apps with complex requests.

For further reading, visit the CISA DDoS Quick Guide or Cloudflare’s Learning Center.

Next Steps

If you are still experiencing issues, please contact us at hello@localxpose.io.

To improve your resilience:

We sincerely regret the disruption to your operations and appreciate your continued trust in LocalXpose.

— The LocalXpose Operations Team

Share this article

LocalXpose Team

LocalXpose Team

Product & Engineering

LocalXpose builds secure tunnels and remote access workflows so teams can effortlessly stay online without managing infrastructure.

Contact Website GitHub X/Twitter