mersenneforum.org  

Old 2013-12-08, 11:29   #1
Xyzzy
 
 
"Mike"
Aug 2002

25·257 Posts
Why does mersenneforum.org sometimes require registration to read?

Temporarily, the forums are closed to unregistered members.

We do not wish to do this, but the forum has been the target of a severe registration/spambot thing that we are thus far unable to counter.

For example, we looked at a random day recently and there were more than 60,000 (!) registration attempts.

We have attached a chart to this post to illustrate the problem. It is a combination of extreme registration attempts, extreme amounts of database queries and extreme "scraping" of every page the forum has.

Note that our "test" shutdown from 19-22 November produced reasonable bandwidth usage.

Unfortunately, this is not a problem that we can solve by throwing money at it. Please be patient until we can figure out what is going on.

Thanks!

Attached thumbnail: bandwidth.png
Old 2013-12-08, 13:10   #2
f1pokerspeed
 
Jun 2012

6A16 Posts

So one thing that could be done perhaps is throw the server through CloudFlare. They have built-in scaling DDoS protection, security for virtually all attacks and analytics for all traffic, including crawlers and threats.
Old 2013-12-08, 18:00   #3
TheMawn
 
 
May 2013
East. Always East.

11·157 Posts

Maybe we're just very popular?
Old 2013-12-08, 20:44   #4
WraithX
 
 
Mar 2006

479 Posts

I haven't looked too in-depth at these options, but it looks like both CloudFlare and Incapsula have options to help protect web sites.

On the CloudFlare plans/pricing web page (here) you can see that they offer "Content scraping protection" on their $20 and higher plans. I don't see specific mention of this on the Incapsula pricing page (here).

I didn't see mention of protection against excessive registration attempts or db queries, but they might have special names for those (maybe bot attacks?).

Also, if you think this might be a problem in the future, they both have tiers to protect websites from a wide array of DDoS attacks. According to a recent (2013/10) report titled: "CloudFlare vs Incapsula: Round 2" (available here) you can see that Incapsula performed much better at protecting against the listed attacks.

With all that said, I think it'd be interesting to see what happens when the forum is behind one of:
CloudFlare Free ($0/month)
CloudFlare Pro ($20/month)
Incapsula Free ($0/month)
Incapsula Personal ($19/month)
Incapsula Business ($59/month)

The DDoS protection kicks in at the higher levels, such as:
CloudFlare Business ($200/month)
Incapsula Business+ ($299/month)
Old 2013-12-08, 20:58   #5
kladner
 
 
"Kieren"
Jul 2011
In My Own Galaxy!

100111101011102 Posts

These services might help. However, it should be borne in mind that hosting for the forum is $30/month, IIRC. Additional paid services would merit a higher level of contributions to support them. (So says a person who has yet to donate to the cause.)
Old 2013-12-08, 21:33   #6
ewmayer
2ω=0
 
 
Sep 2002
República de California

103·113 Posts

Quote:
Originally Posted by Xyzzy View Post
Temporarily, the forums are closed to unregistered members.

We do not wish to do this, but the forum has bee
Mike, I suggest you put the above why-we-are-doing-this note on the registration/login page users now see, so folks are clued in to the "new look" startpage right away.
Old 2013-12-08, 23:00   #7
ixfd64
Bemusing Prompter
 
 
"Danny"
Dec 2002
California

2×5×239 Posts

I wish we were getting 60,000 new GIMPS participants instead.
Old 2013-12-09, 20:30   #8
TObject
 
 
Feb 2012

34·5 Posts

I have seen it a few times before—a popular web site becomes a victim of a large-scale attack, for seemingly no reason.

Then the site moves to CloudFlare and the attacks stop.

Wild guess: maybe that is how CloudFlare is shopping for new customers?
An even wilder guess: perhaps NSA wants all popular sites behind CloudFlare, as it makes it easier to snoop.
Old 2013-12-09, 21:57   #9
chalsall
If I May
 
 
"Chris Halsall"
Sep 2002
Barbados

37×263 Posts

Quote:
Originally Posted by TObject View Post
Wild guess: maybe that is how CloudFlare is shopping for new customers? An even wilder guess: perhaps NSA wants all popular sites behind CloudFlare, as it makes it easier to snoop.
I appreciate, and resonate with, your paranoia.

For reasons we don't fully understand, the forum is being attacked. It appears that some of the attempts are by low-paid humans.

Last fiddled with by chalsall on 2013-12-09 at 21:57 Reason: Fixed quote code.
Old 2013-12-09, 23:52   #10
TheMawn
 
 
May 2013
East. Always East.

11×157 Posts

Quote:
Originally Posted by chalsall View Post
For reasons we don't fully understand, the forum is being attacked. It appears that some of the attempts are by low-paid humans.
Spike them! SPIKE THEM!

http://www.youtube.com/watch?v=mIq9jFdEfZo
Old 2013-12-10, 00:06   #11
Uncwilly
6809 > 6502
 
 
"""""""""""""""""""
Aug 2003
101×103 Posts

9,787 Posts

Quote:
Originally Posted by chalsall View Post
For reasons we don't fully understand, the forum is being attacked. It appears that some of the attempts are by low-paid humans.
Are you sure that they are not humans that don't realise that they are helping an attack?
I can think of one person who is currently "wearing a purple jersey" that might be upset enough to do this.

All times are UTC.



This forum has received and complied with 0 (zero) government requests for information.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
A copy of the license is included in the FAQ.