Today, like the past few days, we have had some downtime. Apparently some script kids are enjoying themselves by targeting our server (and others). Sorry for the inconvenience.
Most of these 'attacks' are targeted at the database, but some are more ddos-like and can be mitigated by using a CDN.
Some other Lemmy servers are using Cloudflare, so we know that works. Therefore we have chosen Cloudflare as CDN / DDOS protection platform for now. We will look into other options, but we needed something to be implemented asap.
For the other attacks, we are using them to investigate and implement measures like rate limiting etc.
The kinds of people who do these things can have different motivations.
Some DDOS operators are "hired goons" who will DDOS whomever they're paid to. However, in order to demonstrate their capabilities, they need to do some damage first. If they can cause a big outage, they can later point to that outage and say "we did that" as proof that they're capable of doing damage.
Some DDOS operators are ideological or identity/drama-driven. They decide that they have a Cause, and that this justifies doing some damage. The same groups might do DDOS and also harassment, doxxing, spamming, etc. — their goal is to cause misery to the Bad People and "drive them off the Internet" by whatever means they find handy.
Some DDOS operators are just plain extortionists. They crash a site once or twice, then threaten to keep doing it forever until the site owner pays them off.
Some DDOS operators are bored kids making trouble.
Some DDOS operators are nation-state agencies trying to censor foreign sites that say things they don't like. In one case, the China government attacked GitHub to get at the anti-censorship site GreatFire.
I don't hate the Chinese population, I just don't like how the Chinese government operates and how they use and manipulate their population. How they seem to be deliberately antagonizing diplomatic relations. Granted they aren't going as far as the Russian government is, but they are going pretty far to try to paint every western country as the bad guys.
And yes I know western countries aren't perfect - no country is perfect. But the actions of the Chinese government seems to be painting us in a light that is far worse than reality.
They tend to stick to the old Soviet way of relieving internal issues by giving the people an external force or government to hate rather than trying to fix their own issues. That "saving face" culture they have is really detrimental to their ability to move forward and fixing their internal problems.
The specific attack they were talking about involved 126.9 million network requests per second, over a sustained period of time, and it was a widespread attack where the source was millions of individual computers, suspected to be regular desktop PCs from (or adjacent to) China. In other words the attack involved malware that was rapidly installed on vast numbers of computers at the same time.
Due to the massive size of the attack, it was investigated thoroughly and the only sensible conclusion was that it was state sponsored. Specifically China likely to have used their widespread censorship tools to install malware that quietly attacked Github, likely without the owner of the PC from even knowing it had happened (the attack wasn't serious enough to disrupt the infected PC)..
That's not "hating Chinese" it's just pointing out a simple fact. Some DDoS attacks are state sponsored. And only a small number of states gate involved in such attacks.
Yeah I don't blame Chinese people for their government's actions. It's like hating Americans for what Trump says. Simply invite real Chinese people to post on Lemmy and give their honest opinions on GreatFire, and stop hurting their feelings.