An Early Birthday Gift? First (Impactful) DDoS Attack on Our Site Since Last Year.
Tux Machines was under DDOS attack earlier today. Slow, but still available:
This impacted the sister site too:
THIS morning we suffered the first noticeable DDoS attack as the old tuxmachines.org
site got bombed by requests that made no sense. For instance, this old review of OpenSUSE (from 17 years ago!) was requested about 371,032 times in one hour. It was the most targeted page, but not the only such page. This was the first time since moving to the static site generator that we actually needed to intervene. The site was still available, but it was slow. The load average was normal, the DC network was not slow, but the volume of requests clogged up the queue.
We checked carefully and indeed, it was a bunch of rogue bots pretending to be legitimate users/visitors...
What's noteworthy here is that this was the first time since moving to the static site/page generator... that we experienced such an attack... it did not effectively take anything offline, but the server was just choking on very high traffic demands and could not deliver pages fast enough.
Tux Machines was definitely under a DDOS attack (another person checked to verify), but the site was coping OK, only rather slowly. Good thing the site dumped Drupal, or else it would barely cope with even a tenth of that attack's scale.
We don't know for sure who's behind the attack, but we can only guess. We can make guesses based on circumstantial evidence alone.
At risk of sounding rude, we're currently dealing with Microsofters who want to see our sites offline. They even say so themselves, in public. █