(see previous Signpost coverage, and coverage in this issues in the media and news and notes sections)

After the website archive.today launched a DDoS campaign against a small blog in January 2026, a request for comment was started. After the discovery of tampered archives, consensus was reached to deprecate the site used almost 700 thousand times on the English Wikipedia.^[1]

Note: archive.today is not to be confused with archive.org, which is the domain of the unafilliated Internet Archive.

On February 5, a suspicious script, added to archive.today's CAPTCHA page, was mentioned at Village Pump (Technical) by a wikipedian, after it had been previously reported on Hacker News in January. This developed into a request for comment on February 7 over what to do about the site, as the widespread use of the site would lead to significant disruption. With archived web pages being used to verify information across the wiki, concerns were raised about the impact of deprecation or blacklisting. Other wikipedians raised safety concerns over linking to a website which is running malicious code in user browsers, and some argued that it was a breach of trust, and brought up previous discussions over the sites practices.

archive.today has been cited almost 690 thousand times on Wikipedia, and the main objection to deprecation was on the grounds of loosing access to many sources exclusively archived there. While the RFC was still ongoing, several editors began discussing ways to "deprecate without loosing verifiability" by creating archiving the archives on the platform, using a tool to fetch content from the site and remove Javascript.^[2] Alternative archiving websites, such as the unrelated Internet Archive (archive.org), Megalodon, and Ghost Archive were also brought up several times in discussions. Editors also brought up the four previous RFC's,^[3] and the consensus to blacklist the site in 2013, because of concerns over linkspamming, the operations of the site, and the use of unauthorised bots linking to the sites archives. This was later overturned in 2016.

The process was monitored by the Wikimedia Product Safety and Integrity team, who left a note explaining their approach and that their view, and encouraged the community to "carefully weigh the situation before making a decision on this unusual case."

On February 18, evidence emerged of some archived pages were modified by the webmaster, where an alias of the webmaster was replaced in them with the name of the owner of the blog.^[4] This led to the RFC being closed February 20 with a consensus to deprecate the source, remove links to the site, and eventually add it to the Spam blacklist. {{WP:Wikipedia Signpost/Templates/Quote|There is consensus to immediately deprecate archive.today, and, as soon as practicable, add it to the spam blacklist (or create an edit filter that blocks adding new links), and to forthwith remove all links to it. There is a strong consensus that Wikipedia should not direct its readers towards a website that hijacks users' computers to run a DDoS attack (see WP:ELNO#3). Additionally, evidence has been presented that archive.today's operators have altered the content of archived pages, rendering it unreliable. Those in favor of maintaining the status quo rested their arguments primarily on the utility of archive.today for verifiability. However, an analysis of existing links has shown that most of its uses can be replaced. Several editors started to work out implementation details during this RfC and the community should figure out how to efficiently remove links to archive.today.

Several members of the community have created guidance to editors on how to proceed with the removal of links to the archive, and have provided resources to aid and direct the process, such as a list of high traffic articles linking to the archive, instructions for users who need to visit the site, and a CSS script which highlights references linking to the domain or any of its mirror sites.

Discussions are ongoing on other Wikimedia projects, and an index has been created on Meta-Wiki. The French Wikipedia followed the English language edition, with the service added to their spam blacklist.^[5] Over on Meta-Wiki, an administrator declined a request to globally blacklist the archive, as "There are too many usages on too many wikis. [English Wikipedia's] consensus alone isn't going to be sufficient to blacklist this domain globally." They added that "the next step would be to open a global RfC."

The incident has drawn widespread attention, with the RFC having over 200 participating editors, 30 thousand pageviews, and more than one thousand total edits. Additionally, the guidance page has had over 13 thousand views, and the archive.today article peaking at 9093 views on February 21, a day after the site was deprecated. Several media outlets including Ars Technica and Times of India also produced news coverage of the decision; see this issue's In the media for further information.