# VPSBOARD getting attacked now?



## AnthonySmith (May 16, 2013)

It seems like this place is getting DDOS'ed now, it was put in Vegas for some degree of protection at the expense of poor response times for the EU users and the protection is obviously not working to well, or am I way off target here?


----------



## shovenose (May 16, 2013)

I think you're fairly right on honestly. But I'm in California so when it works, latency is great


----------



## Aldryic C'boas (May 16, 2013)

You're partially correct.  There was (and still is) a booter hitting the site's IP - it just took me a few minutes to get it properly filtered; hence the slow load times earlier.


----------



## Lee (May 16, 2013)

Seems that way, I think it's in behind Fran's Network.  That said, if this place get's the attacks LET get's it won't last too long.


----------



## Jack (May 16, 2013)

ServerCubes said:


> Seems that way, I think it's in behind Fran's Network.  That said, if this place get's the attacks LET get's it won't last too long.


No attacks have been mentioned against them since Mr Cyprus.


----------



## Francisco (May 16, 2013)

ServerCubes said:


> Seems that way, I think it's in behind Fran's Network.  That said, if this place get's the attacks LET get's it won't last too long.


Our filtering handles just fine and whatever actually passes to our router we add a few extra filters for locally and it's good to go.



HEIL PONY o.o/

Francisco


----------



## PwnyExpress (May 16, 2013)

Well any other paths to this board: Fucked

Via the land of the ponies: works fucking great

What gives?!


----------



## Aldryic C'boas (May 16, 2013)

PwnyExpress said:


> Well any other paths to this board: Fucked
> 
> Via the land of the ponies: works fucking great
> 
> What gives?!


Nah, it's the PHP that can't keep up now.  The community went from small to OSHIT in a couple of hours <_<

It's being looked into now.


----------



## Francisco (May 16, 2013)

PwnyExpress said:


> Well any other paths to this board: Fucked
> 
> Via the land of the ponies: works fucking great
> 
> What gives?!


That shouldn't be the case anymore.

Francisco


----------



## Alto (May 16, 2013)

Seems OK from the UK.


----------



## SeriesN (May 16, 2013)

Pony to teh rescue.


----------



## D. Strout (May 16, 2013)

Up and down for me in New England. Gonna be a while before things stabilize - what fun.


----------



## Francisco (May 16, 2013)

D. Strout said:


> Up and down for me in New England. Gonna be a while before things stabilize - what fun.


Had to bust out an old monitoring tool we got rid of a while back to help clean things up some. Bit bumpy but I have CN also tuning.

Francisco


----------



## titanicsaled (May 16, 2013)

Maybe it would be worth considering adding a POP in Europe to help distribute the load and provide better speed for Europe users?


----------



## Francisco (May 16, 2013)

titanicsaled said:


> Maybe it would be worth considering adding a POP in Europe to help distribute the load and provide better speed for Europe users?


That's Curtis' choice, I have no say in the matter 

LE* was behind cloudflare.

Given how annoying this flood is it's possible cloudflare will wack him for $200/m.

Francisco


----------



## Amitz (May 16, 2013)

Is there any concrete clue where the attacks originate from?


----------



## Mun (May 16, 2013)

http://www.lowendhelp.com/forums/ can take a beating if needed, just saying in case this forum goes and gets attacked a ton and we want a place to communicate


----------



## AnthonySmith (May 16, 2013)

It has been up and down all day, I assume it would have been worse without your filtering (This is the 3rd time I am trying to post this) Hope you catch the nasty B*********ds


----------



## MannDude (May 16, 2013)

Yes, we're going to investigate additional options on keeping vpsBoard online with minimal interruption. Fran and BuyVM are doing a great job and going above and beyond for an _unmanaged_ service, however there will be a mirror setup later today for failover and some other neat things in store too.


----------



## Mun (May 16, 2013)

How large of an attack? I might be able to route it through my cluster.


----------



## Aldryic C'boas (May 16, 2013)

Mun said:


> How large of an attack? I might be able to route it through my cluster.


Size was irrelevant in this case.  RUDY floods are nasty, and require manually parsing/setting filters.


----------



## SeriesN (May 16, 2013)




----------



## Mun (May 16, 2013)

throw 1 minute cache on nginx cluster with a max Number of requests in a minute.


----------

