Are we suffering attempted DDoS attacks.

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
4,900
Reaction score
3,527
Credits
35,667
I can only speak for SMF - it also counts bots. (Which may or may not be part of a DDoS.)
So if I sent 50 million curls to request the linux.org website it would count as 50 milllion guest users, I would find that unlikely? But SMF is another software suite, linux.org uses something else I forgot the name.
 


KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
6,723
Reaction score
5,868
Credits
54,147
So if I sent 50 million curls to request the linux.org website it would count as 50 milllion guest users, I would find that unlikely? But SMF is another software suite, linux.org uses something else I forgot the name.

No, it would show 50 million views - as they all originated from the same IP address. To appear as 50 million guests, you'd need to space them out over a long time or have a bunch of IP addresses available.

This site uses XenForo and not SMF.
 

kc1di

Well-Known Member
Joined
May 14, 2021
Messages
1,134
Reaction score
950
Credits
8,116
Was out here also. just came back 2:30 Eastern US time. But is still in and out.
 
  • Like
Reactions: Rob
OP
Brickwizard

Brickwizard

Well-Known Member
Joined
Apr 28, 2021
Messages
2,841
Reaction score
1,847
Credits
21,203
I noticed.. Back to the same settings as the last bad attack, we can accept that
 

kc1di

Well-Known Member
Joined
May 14, 2021
Messages
1,134
Reaction score
950
Credits
8,116
Working here now :) thanks Rob
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
6,723
Reaction score
5,868
Credits
54,147
Yeah, it just checked my bits. That should slow down/stop quite a few requests.

The more I think about it, the more I'd list the spammers as my primary suspect. A DDoS isn't cheap unless you have your own botnet. Of all our fans with botnets, I'd figure they're the most likely to have them.

(You don't generate that kinda traffic without a botnet, I don't believe.)

There have been a bunch of spammers getting large numbers of their accounts banned. They might be mad that the effort they spent being wasted. I don't suppose anyone has emailed you any threatening missives, indicating intent to bring the site down?
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
4,900
Reaction score
3,527
Credits
35,667
ok, i just upped the cloudflare settings again .. let's see how that goes :/
Can we keep Cloudflare on after these ddos attacks are gone or does it cost extra money to keep Cloudflare ddos protection activated?
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
6,723
Reaction score
5,868
Credits
54,147
Can we keep Cloudflare on after these ddos attacks are gone or does it cost extra money to keep Cloudflare ddos protection activated?

One of Google's primary ranking metrics is how fast it takes your site to load content. This greater emphasis is fairly recent.

Try as I might any solid documentation/studies to show if Cloudflare's 'checking your browser' impacts Google's ranking of the site.

Under normal circumstances (that is without the browser checking) CF can even help with your ranking by loading it faster from the CDN. That's a given and there are all sorts of results for that.

Ideally, CF would whitelist all the Google crawler IP addresses and let those through without adding additional checking time.

I can find exactly no solid information about this. None... SEO is very much a blackbox kinda deal, though Google is generally kind enough to provide some hints. They were even kind enough to tell us that they were placing even greater emphasis on site loading times.

If, and that's just an if, Google crawlers are delayed by 5+ seconds, that will make Linux.org plummet in the search engine results. Temporarily, it probably won't matter. Long term? It'd be bad and Linux.org would lose the coveted #1 slot for "Linux" at a few search engines.

I started looking this up when Rob first enabled the additional protection and found nothing. I just spent another 15 or so minutes going through various keywords and search results, with nothing popping up that offered any great insight.

Part of the problem might be that the search terms are saturated with how CF can help your results - which it can, of course.
 

Bartman

Well-Known Member
Joined
Mar 14, 2022
Messages
490
Reaction score
415
Credits
3,421
Been hit and miss all day long to login and even after being logged in trying to post anything without having to log back in.

I understand it's from the DDoS attacks.

Whatever it takes guys.

Thanks.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
6,723
Reaction score
5,868
Credits
54,147
I'm not sure if it's related, but my Linux site has had a ton of attacks today, more so than I've ever noticed before. It's nothing like this site has been getting, but it's a whole lot more than normal. It's on the order of several thousand attacks just today.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
6,723
Reaction score
5,868
Credits
54,147
Also, now that we have the shields up, can you let us know how much is being rejected by CF?

I ask mostly 'cause I'm curious about the scale of the attack. I don't actually need this data for anything, I'm just curious.
 

SpongebobFan1994

Well-Known Member
Joined
Jan 10, 2021
Messages
703
Reaction score
404
Credits
6,787
I don't think the amount of users seen online is an indication of a ddos, ddos's are usually done with tools that generate big loads of traffic to overload the server by sending a lot of requests to the webserver.

One example is Low-Orbit Ion Cannon, which is what Anonymous used to take down Scientology's website during the protests https://en.wikipedia.org/wiki/Low_Orbit_Ion_Cannon
 

Adithyansm

Active Member
Joined
Nov 11, 2021
Messages
212
Reaction score
86
Credits
1,514
WE CAN WAIT FOR 5 SECONDS RIGHT EVERYBODY! :D
Screenshot_2022-06-04_19-27-15.png
 

wizardfromoz

Administrator
Staff member
Gold Supporter
Joined
Apr 30, 2017
Messages
7,504
Reaction score
6,350
Credits
26,523
We're both Aussies - takes about 10 secs for me with an occasional "Oops, press your back button and refresh"

I'd rather the wait, and knowing the site will be there on the other side, than the alternative.
 

SlowCoder

Gold Member
Gold Supporter
Joined
May 2, 2022
Messages
456
Reaction score
314
Credits
3,611
I'd rather the wait, and knowing the site will be there on the other side, than the alternative.
I'm not an aussie, but I agree. Better than the alternative.
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Linux.org Hosting Donations
Consider making a donation

Members online


Top