We are being DDOSed again, and cloudflare is catching most of it so the site is still usable. We are tweaking the settings of our DDOS protection to make it load faster

submitted by magnora7 from self.SaidIt

We're being bombarded with a quarter-million requests per hour as of 2 hours ago. The site is currently functional and the defenses are working, but it's unfortunately pretty slow as you may have noticed over the last hour. Tonight we will be tweaking our defenses to properly block the DDOS requests while allowing the site to be as fast as possible for normal users until the attack ends.

edit: We have just tweaked the DDOS protection settings and now the load times are 1-5 seconds instead of 10+ seconds. There may be more cloudflare 5-second interstitial pages. This seems to have fixed the bulk of the slow load times and it's all smooth now.

edit2: The attacks stopped shortly after we blocked them properly, event over.

all 63 comments
sorted by:
top
newinsightfulfun

[–]Vexems 36 insightful - 5 fun36 insightful - 4 fun37 insightful - 5 fun -  (0 children)

We would like to deeply apologize for the trouble/stress you're likely going through because of the actions of one twisted individual who thinks he's above the law. We might not know who's doing this to you, but we do have a good guess, though no proof of his involvement. Keep your head up, I doubt he's gonna stop.

[–]LUFC 33 insightful - 5 fun33 insightful - 4 fun34 insightful - 5 fun -  (3 children)

Phineas is a turbovirgin, hope the work he's causing you is also good for your site long term magnora.

[–][deleted] 12 insightful - 2 fun12 insightful - 1 fun13 insightful - 2 fun -  (0 children)

It's not just Phineas. Things are about to get bigger than that, like Voat. Voat broke Pizza Gate (well, wikileaks did, but Voat brought it into public view in a major way), and the whole Epstein case a few years before it finally went mainstream. Voat is comprised of Reddit rejects who were banned/got sick of censorship and use the word "nigger" as a filter for SJW's. They even call white people niggers; it's not about ethnicity, it's about behavior/character. They aren't racist. They're "behaviorist". They even have a black userbase that agrees with the majority of the website, there have been multiple thread checks.

Days before it went mainstream, Voat made a thread about Epstein, and the US & Vatican's connection's to child/human trafficking and pedophilia. That thread was getting attacked out of the ass and then Voat (which is pretty beefed up at this point) was down for a few days, which forced them to go into account only mode and close registrations.

Any website that allows freezepeach is a threat to the governments of the world. If they're not controlling the narrative and we're thinking on our own, there's a fucking problem.

[–]necrocannibal2 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (1 child)

sorry, who's Phineas?

[–]shtposter9000 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Phineas is a known hacker, doxxer, swatter and pays 13 year old girls $100 to live chat

[–][deleted] 27 insightful - 2 fun27 insightful - 1 fun28 insightful - 2 fun -  (4 children)

We appreciate your's and u/D3rr's hard work

[–]magnora7[S] 23 insightful - 2 fun23 insightful - 1 fun24 insightful - 2 fun -  (3 children)

Thanks, I think it is starting to get more manageable as our server architecture is becoming more developed, and we get better at working with it.

[–][deleted] 18 insightful - 2 fun18 insightful - 1 fun19 insightful - 2 fun -  (2 children)

In a way its a blessing in disguise so you guys can get this site to where it needs to be for when reddit inevitably collapses on itself and people come looking for an alternative

[–]magnora7[S] 19 insightful - 2 fun19 insightful - 1 fun20 insightful - 2 fun -  (1 child)

Yes, the attacks are good so that our defenses are tested and ready for when things get serious. Every new attack reveals a new hole that we plug, so the attacks have to get more and more obscure and tricky to be successful. Which means more and more uptime for saidit.

[–]ScamCast 14 insightful - 2 fun14 insightful - 1 fun15 insightful - 2 fun -  (0 children)

Thanks for your guys work!

[–][deleted] 8 insightful - 2 fun8 insightful - 1 fun9 insightful - 2 fun -  (2 children)

Again, I'd like to extend our thanks for your hard work. Are you aware that the sole reason people are trying to shut you down is that you're providing a safe space for incels at /s/Incels? There is a subreddit https://reddit.com/r/IncelTears full of people who despise us and try to hunt us down. Their mission in life is to make sure that we suffer and they'll go far out of their way to do so.

You have no idea what a relief it is to have the admins actually try to protect us from bullies for once.

[–]compultantuser 5 insightful - 2 fun5 insightful - 1 fun6 insightful - 2 fun -  (1 child)

Why do people hate incels so much?

I don't get it. Other than typical bullshit like the condemn all muslims post 9/11.

[–][deleted] 5 insightful - 2 fun5 insightful - 1 fun6 insightful - 2 fun -  (0 children)

Humans evolved to be tribal. The need to hate, to find a scapegoat, an enemy, is sadly a part of being human.

Fortunately, thanks to social progress it has become much less socially acceptable to hate an ever-growing number of groups such as Muslims and transexuals. However, the people leading the charge to stop the hate are women more often than not. Unattractive men are a group even women with best intentions struggle to care about. And if any woman acts out of lockstep to defend us? She ends up being ostracized and suffering.

Bottom line: most of that "societal hatred quota" is met by focusing on us. We're a lightning rod for society's rage. Nevertheless, I have faith society will continue to progress and in a few decades it will be socially unacceptable to mock men for using a fleshlight or being short in much the same way it's socially unacceptable now to mock women for being ugly or fat.

[–]notaddos 4 insightful - 9 fun4 insightful - 8 fun5 insightful - 9 fun -  (12 children)

A friend who was not even dos

This was a meme with requests sent from one server to an individual URL that could be easily cached.

The pages dropped because the requests were stopped by us. The attack can be run indefinitely without any problem, and many servers. We stopped requests because you now understand the problem.

If you're hosting "controversial" content, you should be better prepared. This was not a serious attack, only one server with one CPU and a 100Mbps line to send a request via cloudflare.

[–]LUFC 10 insightful - 2 fun10 insightful - 1 fun11 insightful - 2 fun -  (2 children)

Am i getting this right youre claiming you caused this? All that effort to take the site down again since last time and just so you could post a smug message like this and say it's their fault for hosting IP2? You're mentally ill and everyone realises it but you

[–]idkwhatimseeking 6 insightful - 2 fun6 insightful - 1 fun7 insightful - 2 fun -  (0 children)

I think you misunderstood. He's testing the sites ability to handle ddos attacks. When he finds an issue, he reports it. He then suggests that if we're going to host controversial content, then the site should be better prepared against ddos attacks. If he was really trying to ddos, he would have fucked up the site a hell of a lot more than what he actually did.

[–]notaddos1 1 insightful - 3 fun1 insightful - 2 fun2 insightful - 3 fun -  (0 children)

no effort. not real attack

[–][deleted] 9 insightful - 1 fun9 insightful - 0 fun10 insightful - 1 fun -  (0 children)

CF should be caching most everything.. what url were you hitting? Since you've come this far, please help us to improve.

[–][deleted] 7 insightful - 2 fun7 insightful - 1 fun8 insightful - 2 fun -  (7 children)

Did you get a bunch of 429 responses too? Nginx rate limiting should have caught you.

[–]notaddos1 5 insightful - 2 fun5 insightful - 1 fun6 insightful - 2 fun -  (1 child)

Yes, although when we noticed the 429s, the other IP addresses that we didn't have also returned 429. Are you sure you're limiting the real IPS, not the IPS cloudflare?

The end point does not matter. Any url, the url contains a random xxxxxx number that is appended at the end to avoid some caching

[–][deleted] 4 insightful - 1 fun4 insightful - 0 fun5 insightful - 1 fun -  (0 children)

Thanks. Yeah the rate limiting is supposed to act on visitor ips not CF ips, but maybe it's misconfigured.

[–]notaddos1 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (4 children)

If the attack is real we most likely hit / login / with a unique POST so no cache

503 when commenting very annoying. we have to try 10+ times to succeed in comment

[–][deleted] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (3 children)

503 when commenting very annoying.

??? The site is messing up now, post attack?

[–]notaddos1 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (2 children)

we think increased cloudflare protection why. from tor

[–]Mnemonic 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (0 children)

Tor can access, that's how I'm here :D

[–][deleted] 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (0 children)

Hahaa so you DOS the site for an hour, take it down, then come on and complain about Tor access. Got it.

[–]Vigte 5 insightful - 6 fun5 insightful - 5 fun6 insightful - 6 fun -  (3 children)

a quarter-million requests per hour as of 2 hours ago.

Does that mean the ranking of the site might go up

(I know, I know - probably not, but it's fun to imagine)

[–]magnora7[S] 9 insightful - 4 fun9 insightful - 3 fun10 insightful - 4 fun -  (1 child)

Actually it will help our rank go up, most likely. This is the probably similar to the manner by which reddit is faking their traffic

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

Yeah Reddit fakes everything. They say they have 300 million users but look at r/announcements. Only 35 million accounts subscribed to it and most people have a bunch of accounts.

[–][deleted] 6 insightful - 5 fun6 insightful - 4 fun7 insightful - 5 fun -  (0 children)

Hahaaa

[–]MrRubberDucky 5 insightful - 3 fun5 insightful - 2 fun6 insightful - 3 fun -  (5 children)

Good job on fixing that to some extend, was wondering why I was unable to access saidit. Together we are strong! (Strong in as commumity, not DOS, just clarifying)

[–]Pohl 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (4 children)

DDOSed... Best sign Saidit its working. We are hurting "them". I cannot advocate violence but to not have a place where we can speak freely its deplorable. So congrats in fighting it and beating it! (Reddit expat).

[–]MrRubberDucky 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (3 children)

what's the point you're trying to make?

[–][deleted] 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (0 children)

He's saying that you're a reddit expat who's against reddit and is supporting the saidit admins.

[–]Pohl 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (1 child)

That Saidit has a chance of becoming the substitute for the true old reddit.

[–]MrRubberDucky 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

oh, true that.

[–]m68k 4 insightful - 2 fun4 insightful - 1 fun5 insightful - 2 fun -  (0 children)

I figured, was getting cloudflare screens every few minutes. Glad things are holding up this time. :)

[–]Reddit_sucks_dick 4 insightful - 2 fun4 insightful - 1 fun5 insightful - 2 fun -  (1 child)

Do you have any suspects? If so, does it rhyme with 'Leddit' or 'Chyna'?

[–]WeRInTheEndGameNow 9 insightful - 1 fun9 insightful - 0 fun10 insightful - 1 fun -  (0 children)

yes his name is Phineas and we have a picture of him

[–]WildWolf 4 insightful - 1 fun4 insightful - 0 fun5 insightful - 1 fun -  (0 children)

good work

[–]notaddos1 2 insightful - 4 fun2 insightful - 3 fun3 insightful - 4 fun -  (13 children)

edit2: The attacks stopped shortly after we blocked them properly, event over.

attack did not stop from anything site did. attack stop from us.

can start again if wanted

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (12 children)

So you can pass the CloudFlare check with multiple ips? Do you have to pass them manually with a real browser?

[–]notaddos1 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (0 children)

no. several thousand bot ips. cloudflare doesn't know they bot.

[–]notaddos1 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (10 children)

automatic pass. just keep socket alive until passed. up to 65,000 active socket 1 server...

tor comment error seem fix

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (9 children)

Shit. Can you recommend a company that does better at protection than CF?

[–]notaddos1 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (8 children)

no. nothing.

fix has to be application layer performance... not ez sorry. cloudflare doing best can.

1 more flood 5 minutes to test new defenses perhaps make mr. magnora look silly. then won't ever do again

flood in few minutes. only last 5 minute.

if happen again after this one, not me

[–]Vexems 5 insightful - 1 fun5 insightful - 0 fun6 insightful - 1 fun -  (0 children)

What's the point of doing any of this? Has someone personally offended you on this site? Do you believe taking out your anger on the other innocents on this site is gonna change anything? What do you hope to gain from any of this?

[–][deleted] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (6 children)

When now? Ok CF going back to Max protection.

[–]notaddos1 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (5 children)

ok. in 2 minutes. goodluck.

[–][deleted] 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (3 children)

We're still here...

[–]notaddos1 4 insightful - 2 fun4 insightful - 1 fun5 insightful - 2 fun -  (1 child)

goodluck in future. if future not me

[–][deleted] 5 insightful - 2 fun5 insightful - 1 fun6 insightful - 2 fun -  (0 children)

Thanks man. If you want to help us improve our codebase, a lot of people will be thankful.

[–]notaddos1 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (0 children)

hard for me to comment in max mode. 503s.

better. i stopped pretty quickly. site still lags but no

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Ugh you too?

[–]HibikiBlack 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (0 children)

Hang in there guys. There's a lot of crooks out there that don't want us to fight back, but the war is just getting started.

[–]felisc 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (0 children)

Thanks for the work you do to keep this online.

[–]pointyball 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (0 children)

Freedom for Hong Kong!

[–][deleted]  (1 child)

[deleted]

    [–]Iceposeidonsarmthing 8 insightful - 3 fun8 insightful - 2 fun9 insightful - 3 fun -  (0 children)

    Nice try phineas go put some lipstick on

    [–]anechoic 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

    dog, who did you piss off to get attacked again like this?

    [–]OmegaUser296 1 insightful - 2 fun1 insightful - 1 fun2 insightful - 2 fun -  (0 children)

    Awwww.... shit.... here we go again

    [–]lesbian 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (2 children)

    Anyone knows why?

    [–]Iceposeidonsarmthing 8 insightful - 4 fun8 insightful - 3 fun9 insightful - 4 fun -  (0 children)

    Because IP2 migrated here. The incels think it’s them but they think everything is about them.

    [–][deleted] 7 insightful - 3 fun7 insightful - 2 fun8 insightful - 3 fun -  (0 children)

    It's because saidit protects the free speech of disenfranchised people such as incels. How frequent were these attacks before the major incel subreddit (Braincels) shut down a week ago and people start migrating here (to /s/Incels)? Sadly, there is a hategroup known as "IncelTears" who make it their mission in life to cause us pain. saidit is getting DDOSed by this hategroup because we are here.