Are we suffering attempted DDoS attacks.

I can only speak for SMF - it also counts bots. (Which may or may not be part of a DDoS.)
So if I sent 50 million curls to request the linux.org website it would count as 50 milllion guest users, I would find that unlikely? But SMF is another software suite, linux.org uses something else I forgot the name.
 


So if I sent 50 million curls to request the linux.org website it would count as 50 milllion guest users, I would find that unlikely? But SMF is another software suite, linux.org uses something else I forgot the name.

No, it would show 50 million views - as they all originated from the same IP address. To appear as 50 million guests, you'd need to space them out over a long time or have a bunch of IP addresses available.

This site uses XenForo and not SMF.
 
Was out here also. just came back 2:30 Eastern US time. But is still in and out.
 
  • Like
Reactions: Rob
I noticed.. Back to the same settings as the last bad attack, we can accept that
 
Working here now :) thanks Rob
 
Yeah, it just checked my bits. That should slow down/stop quite a few requests.

The more I think about it, the more I'd list the spammers as my primary suspect. A DDoS isn't cheap unless you have your own botnet. Of all our fans with botnets, I'd figure they're the most likely to have them.

(You don't generate that kinda traffic without a botnet, I don't believe.)

There have been a bunch of spammers getting large numbers of their accounts banned. They might be mad that the effort they spent being wasted. I don't suppose anyone has emailed you any threatening missives, indicating intent to bring the site down?
 
ok, i just upped the cloudflare settings again .. let's see how that goes :/
Can we keep Cloudflare on after these ddos attacks are gone or does it cost extra money to keep Cloudflare ddos protection activated?
 
Can we keep Cloudflare on after these ddos attacks are gone or does it cost extra money to keep Cloudflare ddos protection activated?

One of Google's primary ranking metrics is how fast it takes your site to load content. This greater emphasis is fairly recent.

Try as I might any solid documentation/studies to show if Cloudflare's 'checking your browser' impacts Google's ranking of the site.

Under normal circumstances (that is without the browser checking) CF can even help with your ranking by loading it faster from the CDN. That's a given and there are all sorts of results for that.

Ideally, CF would whitelist all the Google crawler IP addresses and let those through without adding additional checking time.

I can find exactly no solid information about this. None... SEO is very much a blackbox kinda deal, though Google is generally kind enough to provide some hints. They were even kind enough to tell us that they were placing even greater emphasis on site loading times.

If, and that's just an if, Google crawlers are delayed by 5+ seconds, that will make Linux.org plummet in the search engine results. Temporarily, it probably won't matter. Long term? It'd be bad and Linux.org would lose the coveted #1 slot for "Linux" at a few search engines.

I started looking this up when Rob first enabled the additional protection and found nothing. I just spent another 15 or so minutes going through various keywords and search results, with nothing popping up that offered any great insight.

Part of the problem might be that the search terms are saturated with how CF can help your results - which it can, of course.
 
Been hit and miss all day long to login and even after being logged in trying to post anything without having to log back in.

I understand it's from the DDoS attacks.

Whatever it takes guys.

Thanks.
 
I'm not sure if it's related, but my Linux site has had a ton of attacks today, more so than I've ever noticed before. It's nothing like this site has been getting, but it's a whole lot more than normal. It's on the order of several thousand attacks just today.
 
Also, now that we have the shields up, can you let us know how much is being rejected by CF?

I ask mostly 'cause I'm curious about the scale of the attack. I don't actually need this data for anything, I'm just curious.
 
WE CAN WAIT FOR 5 SECONDS RIGHT EVERYBODY! :D
Screenshot_2022-06-04_19-27-15.png
 
We're both Aussies - takes about 10 secs for me with an occasional "Oops, press your back button and refresh"

I'd rather the wait, and knowing the site will be there on the other side, than the alternative.
 
I'd rather the wait, and knowing the site will be there on the other side, than the alternative.
I'm not an aussie, but I agree. Better than the alternative.
 

Members online


Top