Results 1 to 5 of 5

Thread: DDOS Attack on the site

  1. #1

    DDOS Attack on the site

    Yesterday MerNetwork was down for about 30 minutes. Most people didn't notice. But I wanted to bring it to your attention, because this was not some random database error. This was an attack on the site.

    After talking to the hosting company, reviewing the errors, carefully looking at the access the logs on the server, and doing research on the subject- I have determined that this was a DDOS attack. A DDOS, or distributed denial-of-service attack, is when multiple "users" (not in the registered "users" term, just people who are accessing the site) on the site flood the server with requests for data. This eats up all the bandwidth and/or resources of the server, and causes it to shut down. These attacks are deliberate to cause the site/server to go offline and therefore deny access to normal users, thus the name.

    This case seemed pretty typical. Looking at the access logs, there were lots of foreign IPs accessing dozens of images and threads that are hosted on the server, specifically and all at once. For example, one IP in Germany was accessing the image for only the back button, while also loading the report button image, the mulitquote button image, the bookmarks for each single for every single social media available, each an every single post bit icon separately, tons of avatar and signature images, dozens of other random images specifically, and over a dozen threads- all at the exact same time. Tons of different random IPs all doing this at the same time overwhelmed the server.

    Luckily for us, our host is terrific and has safeguards against these kind of attacks. Once the database is overwhelmed by a certain number of "max users" bombarding the site in an attack, it's automatically shut down. (Which is smart, becuase without this kind of protection, these attacks can apparently physically fry a server.) Basically, these kinds of attacks are run on a script, and once the the site is overwhelmed and shut down, the attack script stops. So once I contacted support, they were able to boot the site back up within a few minutes, no problem.

    After looking more into it, DDOS attacks don't just happen at random. They're done to target that specific site with malicious intent, typically by someone who has something against the site.

    I know there was drama with a few specific people yesterday (here and on FB), but I really hope that these people were not responsible for this attack. I had been told, years ago, that one of these people is knowledgeable in hacking and other black hat behavior, and had used those abilities against another former member of the community. With these kinds of attacks, there is no real way to trace it back to the person who initiated the attack, so I will not point any fingers. I just hope, sincerely, that no one in the community would not stoop that low.

    I thought about not posting about this, to not stir up any more drama. But we will not be attacked and keep quiet about it. You all have a right to know, too. And maybe I'm wrong, maybe it was not a member of the community. I actually hope I'm wrong! Maybe it was some random script kiddie, out to just cause some annoyance for us.

    So yeah.. there ya go.

    Wingéd Mermaid Iona

    FacebookYouTubeEtsy InstagramdeviantARTGoogle+TwitterTumblr


  2. #2
    Senior Member Undisclosed Pod
    Join Date
    Jul 2011
    Posts
    14,562
    Yeah it wasn't random IMO given the people currently being butthurt about the forum and their past doing similar things.

    We haven't had the site pulled down in well over a year. That was someone butthurt.

    Sent from my MotoG3 using Tapatalk

  3. #3
    Jeeze, that's kind of pathetic of them if they felt the need to attack the site over a little drama. I hope that wasn't the situation because that's so petty... Thanks for keeping everyone up to date, Iona!

    Sent from my Z958 using Tapatalk

  4. #4
    Senior Member Pod of The South
    Join Date
    Sep 2012
    Location
    Georgia
    Posts
    470
    Thanks for letting us know! I hope whoever it was (whether it be a member, an ex-member, or just some random joe) doesn't make habit of this. Its silly and pathetic.
    ~Merman Rett Of Georgia~

    (Formerly Known as Risingmermaid)

  5. #5
    Moderator Pod of Cali Mermaid Wesley's Avatar
    Join Date
    Sep 2012
    Location
    Los Angeles Area
    Posts
    4,147

    Visit Mermaid Wesley's Youtube Channel
    I'm glad everything worked out <3


    Sent from my iPhone using Tapatalk

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •