:)
deleted by creator
Did you ever determine if it was a denial of service attack or just an influx from Hacker News (hi!)
Seemed to be a combination, we don’t have any major monitoring set up, but looking at our nginx logs, it was 55k requests in a short period of time. We posted to reddit a few weeks ago and hit the front page of some linux / OSS related subs, but the server held up fine.
Luckily adding an nginx rate limiter fixed most of the issues, as the problem wasn’t with rust, but with some clients w/o caching (IE bots of some kind), requesting all the files constantly.
deleted by creator
Limiter? I think we have 10 posts per hour, 2 communities / sign-ups per hour.
That’s why I came here anyway. Or maybe DDOS was also attracted by the sudden exposure on HN?
Ahh… the Hacker News hug…
Just gotta say that I really appreciate the work you are doing
Thanks, we’re trying :)
deleted by creator
All good now, the site might just load slower than usual now (we need to rework the database).
Yeah, I have been noticing long loading times.
Is this still ongoing? I’ve been noticing longer load times
Yes its gonna take some time.
deleted by creator
I have seen that. One of the users said that Lemmy “… must be getting the HN hug of death …”.
ahhh ok.
We have > 2200 connections to the server right now, its a DDOS. Rust seems to be handling it fine, but the nginx is having issues.
2200 does not seem like a DDoS in my opinion, I would expect hundreds of thousands in that case
I’m reading it as the 2200 connections are between nginx and the rust component, not 2200 to the edge nginx.
I agree to this as well.
I’m surprised nginx is having issues. I’ve personally handled nginx instances at more than an order of magnitude of connections.
There should be good low-hanging fruits in configuration to exploit to help handle more load.
deleted by creator
We definitely will never use Cloudflare, they’re an absolutely awful company that’s managed to weasel their way as a snoop in the middle to nearly half of all US internet communication.
Definitely not.
deleted by creator
I’m guessing we got x-posted to the donald or something.
I just made an account and came from HN. I hope it is just a good ole regular hug of death!
Welcome, I like this because it feels like HN but it has other communities as well if you get what I mean. Hope you enjoy it here :)
deleted by creator
is that you reddit?
deleted by creator
FLAT THE CURVE! FLAT THE CURVE!!!
Hmm, this is very strange. I never thought that this type of attack is possible in a decentralized p2p application. By the very least, I did not find a single mention of this in all the sources that I found https://utopia.fans/networks/ddos-attack-what-it-is-and-how-to-trace-a-ddos-attack/ https://lemmy.ml/post/35712 .
deleted by creator
It is, luckily I have the DB fixes finished, and should be deployed to here within a day or so.
Site breaking so much it took ten minutes to post this (if it goes through this time).
Apologies, my main priority rn is DB rework.
deleted by creator
deleted by creator
hmmm…isnt p2p kinda prone to those attacks 🤔
I understood lemmy is decentralized p2p network how is this possible then? ELI5?
this OP post is a month old. It wasn’t being DDOSd it was trending on HackerNews. Also lemmy isn’t p2p its federated. This means it still works like a traditional server but can connect to other servers. In other words it’s Decentralized but not Distributed.
