Are we suffering attempted DDoS attacks.

[f33dm3bits]

I can only speak for SMF - it also counts bots. (Which may or may not be part of a DDoS.)

So if I sent 50 million curls to request the linux.org website it would count as 50 milllion guest users, I would find that unlikely? But SMF is another software suite, linux.org uses something else I forgot the name.

 

[KGIII]

So if I sent 50 million curls to request the linux.org website it would count as 50 milllion guest users, I would find that unlikely? But SMF is another software suite, linux.org uses something else I forgot the name.

No, it would show 50 million views - as they all originated from the same IP address. To appear as 50 million guests, you'd need to space them out over a long time or have a bunch of IP addresses available.

This site uses XenForo and not SMF.

 

[f33dm3bits]

@Rob I read that Amber Heard needs a job, can we hire her to take a shit on the ddosers?

 

[Rob]

ok, i just upped the cloudflare settings again .. let's see how that goes :/

 

[atanere]

Like night and day. Thanks, Rob!

 

[kc1di]

Was out here also. just came back 2:30 Eastern US time. But is still in and out.

 

[Brickwizard]

I noticed.. Back to the same settings as the last bad attack, we can accept that

 

[kc1di]

Working here now thanks Rob

 

[KGIII]

Yeah, it just checked my bits. That should slow down/stop quite a few requests.

The more I think about it, the more I'd list the spammers as my primary suspect. A DDoS isn't cheap unless you have your own botnet. Of all our fans with botnets, I'd figure they're the most likely to have them.

(You don't generate that kinda traffic without a botnet, I don't believe.)

There have been a bunch of spammers getting large numbers of their accounts banned. They might be mad that the effort they spent being wasted. I don't suppose anyone has emailed you any threatening missives, indicating intent to bring the site down?

 

[f33dm3bits]

ok, i just upped the cloudflare settings again .. let's see how that goes :/

Can we keep Cloudflare on after these ddos attacks are gone or does it cost extra money to keep Cloudflare ddos protection activated?

 

[KGIII]

Can we keep Cloudflare on after these ddos attacks are gone or does it cost extra money to keep Cloudflare ddos protection activated?

One of Google's primary ranking metrics is how fast it takes your site to load content. This greater emphasis is fairly recent.

Try as I might any solid documentation/studies to show if Cloudflare's 'checking your browser' impacts Google's ranking of the site.

Under normal circumstances (that is without the browser checking) CF can even help with your ranking by loading it faster from the CDN. That's a given and there are all sorts of results for that.

Ideally, CF would whitelist all the Google crawler IP addresses and let those through without adding additional checking time.

I can find exactly no solid information about this. None... SEO is very much a blackbox kinda deal, though Google is generally kind enough to provide some hints. They were even kind enough to tell us that they were placing even greater emphasis on site loading times.

If, and that's just an if, Google crawlers are delayed by 5+ seconds, that will make Linux.org plummet in the search engine results. Temporarily, it probably won't matter. Long term? It'd be bad and Linux.org would lose the coveted #1 slot for "Linux" at a few search engines.

I started looking this up when Rob first enabled the additional protection and found nothing. I just spent another 15 or so minutes going through various keywords and search results, with nothing popping up that offered any great insight.

Part of the problem might be that the search terms are saturated with how CF can help your results - which it can, of course.

 

[Deleted member 137406]

Been hit and miss all day long to login and even after being logged in trying to post anything without having to log back in.

I understand it's from the DDoS attacks.

Whatever it takes guys.

Thanks.

 

[KGIII]

I'm not sure if it's related, but my Linux site has had a ton of attacks today, more so than I've ever noticed before. It's nothing like this site has been getting, but it's a whole lot more than normal. It's on the order of several thousand attacks just today.

 

[KGIII]

Also, now that we have the shields up, can you let us know how much is being rejected by CF?

I ask mostly 'cause I'm curious about the scale of the attack. I don't actually need this data for anything, I'm just curious.

 

[Deleted member 111282]

I don't think the amount of users seen online is an indication of a ddos, ddos's are usually done with tools that generate big loads of traffic to overload the server by sending a lot of requests to the webserver.

One example is Low-Orbit Ion Cannon, which is what Anonymous used to take down Scientology's website during the protests https://en.wikipedia.org/wiki/Low_Orbit_Ion_Cannon

 

[Adithyansm]

WE CAN WAIT FOR 5 SECONDS RIGHT EVERYBODY!

 

[bob466]

WE CAN WAIT FOR 5 SECONDS RIGHT EVERYBODY!
View attachment 12772

Just waited 38 seconds to check my browser.

 

[wizardfromoz]

We're both Aussies - takes about 10 secs for me with an occasional "Oops, press your back button and refresh"

I'd rather the wait, and knowing the site will be there on the other side, than the alternative.

 

[SlowCoder]

I'd rather the wait, and knowing the site will be there on the other side, than the alternative.

I'm not an aussie, but I agree. Better than the alternative.

 

[Rob]

I'm noticing traffic decreasing recently so I brought the ddos settings down a bit - hopefully we'll be ok.