Calcudoku puzzle forum
https://www.calcudoku.org/forum/

site suffered another DDOS attack
https://www.calcudoku.org/forum/viewtopic.php?f=5&t=1174
Page 1 of 1

Author:  pnm  [ Thu Oct 10, 2019 9:19 am ]
Post subject:  site suffered another DDOS attack

Much like the previous one: viewtopic.php?f=5&t=1157

The site was again swamped with random forum requests (600-1000 in a few minutes),
at about 1.38am CEST (so 7.38pm EDT for example),
causing the server to run out of memory, which crashed the database server.

This explains the "can't connect / mysql" errors people were seeing.

This attack again was from China.

Author:  pnm  [ Fri Oct 11, 2019 11:14 am ]
Post subject:  Re: site suffered another DDOS attack

This is why I took the forum offline overnight last night.. [mellow]


update: I added some new "DDOS mitigation" features,
let's hope this helps [namaste]

Author:  pnm  [ Sat Feb 12, 2022 2:17 pm ]
Post subject:  Re: site suffered another DDOS attack

There is a lot of "behind the scenes" work too, fortunately lately not against DDOS attacks.

Getting many more "dummy accounts" during the past year or so, about 40-50 a month,
almost exclusively from Russia for some reason.

Author:  eclipsegirl  [ Sat Feb 12, 2022 4:25 pm ]
Post subject:  Re: site suffered another DDOS attack

Please help me understand.

I dont agree with DDOS attacks.

I can comprehend a motive when other malicious operators think they can demand ransom to stop the attack.

However, this is a site that produces puzzles.
There are less than 10 000 users.
Patrick is not raking in the money by keeping the rest of us entertained with puzzles.

Patrick shouldn't (shouldn't) pay a ransom to the malicious operators.

So what is the point of doing this?

In other words, I do not understand the motivations of evil people.

Author:  pnm  [ Sat Feb 12, 2022 4:32 pm ]
Post subject:  Re: site suffered another DDOS attack

eclipsegirl wrote:
Please help me understand.


Yes, at least with DDOS attacks there is the ransom option.

No idea what people want with the hundreds of fake accounts though.

(it's not like you can post on the forum with an account with zero points)

Author:  eclipsegirl  [ Sat Feb 12, 2022 4:47 pm ]
Post subject:  Re: site suffered another DDOS attack

This site is apolitical.

I assume posts that cross into politics or disinformation can be removed. I dont think any long term participant would complain.

it is a joy for many of us to be able to share our joy of puzzles with out dealing with the other things occurring in real life.

Author:  pnm  [ Sun Feb 11, 2024 11:02 pm ]
Post subject:  Re: site suffered another DDOS attack

Another DDOS hit on the forum, again from China, sadly [crying]

I noticed it because the size of the daily backup file went down instead of up (!)
(it really should always increase).

This was because there were many forum sessions from China that happened to expire
(went from about 43000 sessions to about 5000 in one day).

I blocked the offending IP address, but I'm assuming the site will be attacked from
new sources later [glare]



pnm wrote:
Much like the previous one: viewtopic.php?f=5&t=1157

The site was again swamped with random forum requests (600-1000 in a few minutes),
at about 1.38am CEST (so 7.38pm EDT for example),
causing the server to run out of memory, which crashed the database server.

This explains the "can't connect / mysql" errors people were seeing.

This attack again was from China.

Page 1 of 1 All times are UTC + 1 hour [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/