We are being DDOSed again, and cloudflare is catching most of it so the site is still usable. We are tweaking the settings of our DDOS protection to make it load faster

notaddos1 · 2019-10-10T01:33:34+00:00

goodluck in future. if future not me

notaddos1 · 2019-10-10T01:30:48+00:00

hard for me to comment in max mode. 503s.

better. i stopped pretty quickly. site still lags but no

notaddos1 · 2019-10-10T01:20:27+00:00

ok. in 2 minutes. goodluck.

notaddos1 · 2019-10-10T01:16:29+00:00

no. nothing.

fix has to be application layer performance... not ez sorry. cloudflare doing best can.

1 more flood 5 minutes to test new defenses perhaps make mr. magnora look silly. then won't ever do again

flood in few minutes. only last 5 minute.

if happen again after this one, not me

notaddos1 · 2019-10-10T01:07:27+00:00

automatic pass. just keep socket alive until passed. up to 65,000 active socket 1 server...

tor comment error seem fix

notaddos1 · 2019-10-10T01:06:30+00:00

no. several thousand bot ips. cloudflare doesn't know they bot.

notaddos1 · 2019-10-10T00:41:08+00:00

edit2: The attacks stopped shortly after we blocked them properly, event over.

attack did not stop from anything site did. attack stop from us.

can start again if wanted

notaddos1 · 2019-10-09T23:50:55+00:00

we think increased cloudflare protection why. from tor

notaddos1 · 2019-10-09T23:34:52+00:00

no effort. not real attack

notaddos1 · 2019-10-09T23:32:14+00:00

If the attack is real we most likely hit / login / with a unique POST so no cache

503 when commenting very annoying. we have to try 10+ times to succeed in comment

notaddos1 · 2019-10-09T23:28:15+00:00

Yes, although when we noticed the 429s, the other IP addresses that we didn't have also returned 429. Are you sure you're limiting the real IPS, not the IPS cloudflare?

The end point does not matter. Any url, the url contains a random xxxxxx number that is appended at the end to avoid some caching

notaddos1