Cloudflare

[Janus]

OK, the attack we've been suffering over the past couple of days should now be dealt with.

For reference, it was another DDoS attack like the ones we suffered a few months back. Our forum server IP is normally hidden behind CloudFlare, but the attackers found one somewhat obscure place where it could still be determined. That is now closed off, so it should be taken care of now.

EDIT: oops, we really should be back up for good now. I had to make some changes to allow the main site server to connect to the forum database again, and something went wrong in the database configuration in the process. Fixed now.

 

[Sushiman70]

Thank you Janus.

 

[Lord Brutus]

It's a miracle!  Thanks, Janus.  Now, keep Llandy away from the controls.

 

[Pharaoh Llandy]

I'll have you know I'm an excellent driver/pilot of technology.

Excellent job as usual, Janus. However, ever since the forums have started working again, I've lost the ability to read the PMs of forumers. Could you tick whichever box needs ticking?

 

[Janus]

By the way, you can all thank Dundar (one of the TW devs) for figuring out how the attackers discovered the forum server IP address, and working with me to take care of it.

However, ever since the forums have started working again, I've lost the ability to read the PMs of forumers. Could you tick whichever box needs ticking?

Ah, of course. Just remember to keep the requisite sacrifices coming as per our arrangement.

 

[DanAngleland]

Thank you Janus and Dundar 

 

[Lumos]

Thanks! I had already started losing my mind. Guess I'll go and have a bit of a lie-down now.

 

[Arvenski]

Any idea who the hell's been doing this?

 

[Pharaoh Llandy]

[me=Pharaoh Llandy]gives Dundar a cookie and ruffles his hair.[/me]

Any idea who the hell's been doing this?

My money's on the Russians, in retaliation for the sheer amount of Russian proxy spammers we're catching and banning.

 

[Splintert]

Kremlin, for spreading lies in the Ukraine thread.

 

[Cyborg Eastern European]

I blame the Teletubbies.

 

[Cookie Eating Huskarl]

It's the social justice warriors I tell you. They don't like me pretending to be one of them and calling everyone a male misogynistic ****lord.

 

[Janus]

Note that mail service for the forum is currently down, so registrations and notifications are delayed until we get that taken care of. This is related to the forum DDoS, but they're limited now to attacking the mail server. I'll post an update once we get this taken care of, though it will probably be tomorrow before that happens.

 

[Janus]

The mail server is back up, and all delayed mail has been delivered. I've just improved the security setup a bit on that server, but there's a possibility we'll still have more attacks on it in future. If so, we'll be ready to handle them.

 

[Pharaoh Llandy]

Aww, couldn't you leave the mail server down a bit longer? It's been nice and quiet with no new spammers to ban

Back to work, I guess.

[me=Pharaoh Llandy]sighs[/me]

 

[Nord Champion]

Good work guys!

 

[Catholic]

I chuckled at my personal note, by the way, for whoever did that.

 

[Magorian Aximand]

Woo! Back online! And with a nifty "browser check" thing. Hope that settles it.

I'll never understand why people ddos a place like TW.

 

[Janus]

Yeah, this time around they managed to mask the DDoS as a huge number of seemingly legitimate page accesses through CloudFlare without triggering CloudFlare's usual protection. The backend of the server remained accessible to me this time so that I could monitor the situation, it was just largely inaccessible on the front end.

At one tally of connection info I got a number of 6692 simultaneous connections coming through CloudFlare. I'm sure there were more at one point. The forum software itself came to this tally of unique connections, apparently:
Most Online Today: 4,788. Most Online Ever: 4,788

The devs have enabled some further DDoS prevention through CloudFlare for the time being which will bring up a page before you first access the forum to validate you as a real person. It clearly seems to be working, and doesn't seem like much of a disruption as it automatically went on through for me after a couple of seconds.

Whoever is responsible for these attacks, they certainly are persistent, I'll grant them that.

 

[Magorian Aximand]

Thankfully, we've got an administrative team equal to the task. You're the man, Janus.