Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Meta
Re: Is anyone having error 504?
by
Juggy777
on 29/08/2018, 17:35:20 UTC
Quote from: theymos on August 29, 2018, 04:00:39 PM
Quote from: Vod on August 29, 2018, 03:51:02 PM
DDoS attack over?

No, but for now I'm successfully filtering it.

Quote from: Welsh on August 29, 2018, 03:52:25 PM
Has Cloudflare had an effect on DDOS attacks at all? I'm guessing there's been a few attempts since it was introduced, but we haven't noticed. I haven't used cloudflare, but I assume they let you know if there is an unusual amount of traffic happening?

CF stops all sub-layer-7 attacks, which is somewhat useful. But I was doing pretty well at stopping those on my own. What caused me to switch to Cloudflare in the first place was tens of thousands of IPs doing things which seemed indistinguishable from real-world traffic. For those layer-7 attacks, Cloudflare has been a mixed bag.

First of all, I can enable the "checking your browser" thing, and that stops almost all attacker traffic. But that also breaks noscript browsers and bots, so I don't like to do it too much. Skilled attackers can also sometimes get through that, though I think that it does require a proof-of-work.

Cloudflare is honestly not very good at detecting attack traffic. You'd think that they'd be able to detect things like a huge influx of IPs that are not the regular visitors, or IPs that are not used for regular traffic on any of CF's sites, or a bunch of weird request patterns that have never been done before in the history of the site. I feel like I'd be able to write this kind of general detection code if I had a year to dedicate to it, and I'm not a giant corporation. So that's a disappointment. But nobody else is better AFAIK. I talked to Incapsula at length, and their tech is AFAICT basically the same as Cloudflare, but a lot more expensive.
Quote from: theymos on August 29, 2018, 03:19:34 PM
It's a DDoS.

I suspected this was the reason after initial 30 minutes of not being able to access the site I decided to see if there was any update on twitter, last time in a similar situation we had gotten a update there. I'm glad the site is up and running for all, this is the second big Ddos attack on this site in two years, but im glad thermos got it up in time.

I was planning to take Ddos for my site but after reading this review I feel it's not worth to take it for my website thanks theymos for the detailed explanation.