this post was submitted on 22 Jul 2023
2356 points (100.0% liked)
Lemmy.World Announcements
There are a couple elements that a DDOS mitigation system needs to have.
It needs to be able to absorb the raw network traffic of the attack. A purely volumetric attack seeks to just overload the network pipes that lead to the servers. This can be with junk packets that don't even make sense to an OS kernel, but have a valid destination IP address so they get through the routers. If the DDOS mitigation system acts as a filter in front of the servers, it has to not get overloaded in the same way the routers do.
It needs to allow good traffic through to the servers. If the attack causes the pipes to just shut down and reject all traffic, then the attack has succeeded. So the mitigation system has to distinguish attack traffic from good traffic, and keep the pipes open enough to let the good traffic through.
For attacks trying to do expensive stuff on the database, or create spam posts, one useful reflex the system can have is to notice when an endpoint is doing those attacks, and then block it at the network layer.
That is not necessarily easy, and it requires control of the network ingress, which arbitrary hosting providers may not be able to provide.
Thank you for the clear explanation. It seems a lot of folks here don't understand the tech, but this explains things clearly and accurately.
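The reflex described in the first comment (notice a source that keeps hitting expensive endpoints, then drop it before it reaches the application) can be sketched as follows. This is an added example, not part of the original thread; the endpoint paths, cost weights, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict, deque

# Assumed relative cost of each endpoint (hypothetical paths and weights).
COST = {"/search": 5, "/post/create": 3}
WINDOW = 10      # seconds of history kept per source
BUDGET = 20      # cost a source may spend inside one window
BLOCK_FOR = 60   # seconds a flagged source stays blocked


class EndpointGuard:
    def __init__(self):
        self.history = defaultdict(deque)  # src -> deque of (ts, cost)
        self.spent = defaultdict(int)      # src -> cost inside the window
        self.blocked_until = {}            # src -> block expiry timestamp
        self.flagged = set()               # every source ever blocked

    def allow(self, ts, src, path):
        """Return True if the request may reach the application."""
        if self.blocked_until.get(src, 0) > ts:
            return False                   # dropped before any app/database work
        self.blocked_until.pop(src, None)  # block expired, give it a fresh start
        q = self.history[src]
        while q and q[0][0] <= ts - WINDOW:
            self.spent[src] -= q.popleft()[1]  # expire entries outside the window
        cost = COST.get(path, 1)
        q.append((ts, cost))
        self.spent[src] += cost
        if self.spent[src] > BUDGET:
            # In a real deployment this entry would be pushed to whatever
            # filter sits at the network ingress (assumption of this sketch).
            self.blocked_until[src] = ts + BLOCK_FOR
            self.flagged.add(src)
            q.clear()
            self.spent[src] = 0
            return False
        return True


def replay(log):
    """Run a time-ordered log through the guard; return (served, flagged)."""
    guard = EndpointGuard()
    served = [r for r in log if guard.allow(*r)]
    return served, sorted(guard.flagged)


# Constructed sample traffic using documentation-range addresses.
SAMPLE = sorted(
    [(t, "203.0.113.7", "/search") for t in range(8)]
    + [(t, "198.51.100.4", "/feed") for t in range(0, 8, 2)]
    + [(3, "198.51.100.9", "/post/create"), (70, "203.0.113.7", "/feed")],
    key=lambda r: r[0],
)
```

Replaying `SAMPLE` serves every request from the two ordinary sources, cuts off the heavy `/search` source once it exceeds the budget, and lets that source back in after the block expires.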