Headsup: config changes
Following up a bit on the recent DDOS nonsense going on (per https://dv.netllama.us/dv/thread-26406.html ), I've made a number of configuration changes to the server earlier today, which will temporarily penalize (BAN) distinct IP addresses that are engaging in aggressive usage patterns.

In theory no one with "normal" usage patterns should notice anything.    However, a lot of these changes are often a trial & error process.  Its possible that I might be too aggressive in some of the penalty thresholds, and innocent users might get caught.

Apologies in advance if this happens to you.  The current ban is 30 minutes.  If you start having problems, please do the following so that I can tune the enforcement to stop punishing the innocent:

  1. Go to https://www.whatismyip.com/ and make a note of your Public IPv4 and IPv6 (you might only have one instead of both)
  2. Wait 30 minutes for the ban to expire
  3. Reply to this thread, and include the approximate time when you were banned (note the timezone if you're not in PST), and your Public IPv4 and IPv6 address values
  4. Note how you were using the site when the ban happened (just reading random threads, trying to reply/post, etc)

Once I have the above info, I can tune the enforcement to avoid punishing the innocent.

Thanks for everyone's patience as I work on this issue.
I believe that all changes required to defend the site against the attacks are now in place.

Please holler if there are any problems.
(2025-01-19, 09:19 PM)netllama Wrote: I believe that all changes required to defend the site against the attacks are now in place.

Please holler if there are any problems.
Your expertise is way over my head and much appreciated in keeping this valuable forum afloat.
Life begins in Death Valley
@bluegreenkayak contacted me offline to report that these changes were accidentally blocking her ability to create a new thread with a lot of images.  Apparently linking out to a huge number of external images (such as Flickr) gets treated as one connection per image, which can quickly exceed the threshold for detecting an attack.

I've tweaked the config a bit, and it should hopefully fix this problem.

Forum Jump:

Users browsing this thread: 2 Guest(s)