Webmaster Note: Details about the performance problems of the last weeks and what we did to solve the problem (we hope you definitely)
“Hello everyone,
I just wanted to give some information about the performance problems of the last weeks and what has been done to mitigate them and, hopefully, contain them.
The problem
At some point in May, traffic on our website multiplied by ten in just a few days. Until then, our daily number of visits from unique IP addresses (mostly people, many search and artificial intelligence bots) was around 200,000, with a total of accesses (pages visited) between 5 and 6 million. On May 31, the number of visits rose to 1.6 million, but the accesses remained between 6 and 7 million. This means that those 1.5 million additional visits They were not real usersbut bots and other malicious actors repeatedly hitting our server with access requests. It was not only an IP, but thousands of new IP addresses (A “DDOS” attack, or distributed service denial attack).
This traffic increase was too much for our only server, and that caused a problem cascade:
-
Server records filled the root partition, which left No disk space for essential services (such as scheduled tasks).
-
The flood protection thresholds of our hosting provider were repeatedly activated, turning off mail and cache serviceswhich affected central functions of the site.
-
Site performance fell so much that many users received Errors 503 When trying to access.
The cause
The origin of attacks or motivation behind them is not yet clear.
However, now that we understand better what kind of attacks were and the damage they caused, we have a clearer panorama of how they were carried out and how (we hope) we can contain them.
The solution
As announced before in this space, I have added a Third Party Firewall dedicated to the site. In a way, it is a miracle that we have been able to work for so long without it, considering how Internet has changed in the last 24 years since the site was born.
This firewall includes service monitoring, a series of additional measures to close attack vectorsand most importantly: DDOS protection. He took time to configure it, but the last week he has already shown a remarkable improvement in the server load, although there were still some problems to solve to find the right balance between functionality and restrictions.
The most important thing is that, from July 1 at noon, All site traffic passes through the Firewall without exception. Yesterday we had about 200,000 visits, which is just the number we had before all this mess. It's just a day, but it seems very promising.
Final reflection
I want to remind you that Cagematch is a hobby projectmade to measure and programmed by myself, and maintained by a fantastic group of volunteers who dedicate part of their valuable free time to add or keep inputs in our database. We are not a multi -million dollar corporation (and no, Nor does any pay us) that can launch money and an army of developers to solve these types of problems. They have been stressful weeks, trying to understand what happened and how we could fix it.
For the first time in weeks, I feel that we have control again. I hope not being tempted by saying this, so I'm going to touch wood all the rest of the day.
Thanks for your patience.
Philip
