Wikipedia Removes Archive.today Following DDoS Attack and Content Alteration Concerns
The English-language edition of Wikipedia has begun blacklisting and removing links to the web archiving service Archive.today, a move prompted by allegations that the site was used to launch a distributed denial-of-service (DDoS) attack and that archived content had been altered. The decision, which impacts over 695,000 links across approximately 400,000 Wikipedia pages, highlights the challenges of maintaining source reliability in the digital age and the potential for malicious actors to manipulate online information.
Wikipedia editors reached a consensus to “immediately deprecate” Archive.today and add it to the spam blacklist, according to a discussion page update. The action follows reports that Archive.today engaged in a DDoS attack against blogger Jani Patokallio beginning on January 11, 2026. The attack allegedly involved users loading the archive’s CAPTCHA page unknowingly executing JavaScript that sent search requests to Patokallio’s blog, Gyrovague, in an attempt to increase his hosting bill.
Further investigation revealed that Archive.today had similarly modified archived webpages, inserting the name of the targeted blogger. This discovery, as reported by Ars Technica, fueled concerns about the site’s reliability as a source.
“There is consensus to immediately deprecate archive.today, and, as soon as practicable, add it to the spam blacklist (or create an edit filter that blocks adding novel links), and remove all links to it,” stated an update on Wikipedia’s Archive.today discussion page. “There is a strong consensus that Wikipedia should not direct its readers towards a website that hijacks users’ computers to run a DDoS attack (see WP:ELNO#3). Evidence has been presented that archive.today’s operators have altered the content of archived pages, rendering it unreliable.”
This is not the first time Archive.today has faced scrutiny from Wikipedia. The site was previously blacklisted in 2013 but removed from the blacklist in 2016. The latest decision comes after a request for comment that began on February 7, 2026, and concluded on February 20, 2026.
According to TechCrunch, Archive.today, which also operates under the domain names archive.is and archive.ph, is frequently used to access content behind paywalls, making it a popular source for Wikipedia citations. However, the recent findings have led editors to prioritize source integrity over accessibility. The development underscores the increasing need for vigilance regarding the trustworthiness of online archives and the potential for manipulation of historical records.
As of February 19, 2026, the malicious code used in the DDoS attack remained present on Archive.today, though some ad blockers, such as uBlock Origin, are currently blocking the malicious requests, according to Wikipedia’s information page on the attacks.
