CloudFlare check sucks

submitted by binaryblob from self.AskSaidIt

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–]binaryblob[S] 8 insightful - 1 fun8 insightful - 0 fun9 insightful - 1 fun -  (3 children)

Thanks for the explanation. It makes sense that it is automated.

Can you see how big the attack is on your infrastructure (that is, how many requests you would have to handle per second (alternatively, more specific or different metrics like number of bytes per second or number of connections made per second) if it wasn't for CloudFlare)?

I am just wondering how big the hate is against this website.

I knew that the web was broken, but it's disappointing to see it in action.

[–]magnora7 20 insightful - 2 fun20 insightful - 1 fun21 insightful - 2 fun -  (2 children)

Saidit gets about a third of a million page load requests a month, and probably half of those are fraudulent (originating from malicious DDOS attacks). During a heavy attack day we might have 10x the page load requests of normal, during which probably 98% of the page requests are fraudulent. Cloudflare ensures (most of) those fraudulent connection attempts stop at cloudflare and don't hit our main server, which is how we're able to stay online.

We've been DDOS attacked multiple times daily for 5 years now. As a result we can never turn our DDOS protection off. So someone out there is setting aside resources on the regular to do this. For years.

I remember the day saidit opened to the public, before we had a registration captcha set up, someone used a script to register all the active usernames from the subreddits where I showed people saidit, and then they auto-registered thousands of usernames, and stole everyone's usernames who might've migrated. Just to frustrate migration and growth of this site. They did this literally hours after we opened the website, they had an automated script ready to go.

This place has been under nonstop attack since day 1, via every method possible from hardware attacks to social engineering, it has honestly surprised me how bad it's been over the last 5 years, I would've never guessed it was this bad. Whoever these groups are, they really don't want forums like saidit to exist.

[–]CheeseWizard 4 insightful - 1 fun4 insightful - 0 fun5 insightful - 1 fun -  (1 child)

¯_(ツ)_/¯

I tried to think possible of suspects, just for fun.

Hacktivists. Idk. They love to LARP and believe whatever narrative they are told. Conspiracionists love free speech platforms, so anyone that think thought crimes is a harm to society, including anti vaxx crazies as one of the harms, will try to bring Justice TM around. So it's an easy activist target.

Maybe Reddit and other giant Platforms, are attacking competitors, to keep their quality down. Political attacks for campaigns, like you said. For political reasons, you can try to bring it down, lower the quality and speed by forcing defense mechanisms, or use bots and shills for propaganda. Etc.

[–]magnora7 8 insightful - 1 fun8 insightful - 0 fun9 insightful - 1 fun -  (0 children)

Yeah. I mean literally every big government has an online hired presence, at this point. As do most big corporations.

For example, Monsanto (now Bayer) is known to have a hired shill pool that is running forums 24/7. They look for negative mentions of their company and products, and then their shill network works those threads to make Monsanto and their products look better. Including forum-sliding negative comments and posts.

Now multiply that across hundreds of companies and governments, with thousands of incentives. And basically you get a ton of noise, that is trying to drown out real discussion. And now with AI bots, this process is automated.