Some will hate it some will love it. Here is the deal: Donations have been down (virtually zero) and we have been burning through the development budget to keep the site online with ddos mitigation. Needless to say this is a dead end, especially since the mitigation in place fails to twarth the larger attacks without us shelling out even more. In other words, we were throwing money into a bottomless pit. Cloudflare is less expensive and while not a full mitigation provider deters similar attacks, especially those smaller in size. Most of all, overall performance and page load times for most parts of the site should improve, especially for our european visitors. Either way we're giving this a test run, we will see if this works out for us. I will also in the next few weeks be looking into the well overdue ssl support, but this might take a little longer to setup as wildcard certificates are rather expensive and pushing the forums into the root/community/ directory will require for us to look at the url rewrite engine. (wordpress / xenforo) I might not have explained it all correctly, nor do i know if everything comes across as it should. The bottom line is: If in the next few days people get weird warning pages and so forth: We're testing out a new service. Thank you.
Yes, we've been using them for several websites and have so far been very happy with it. It is however the first time we're using it on this one. Some things could still use some slight improvements, but it's nothing that would warrant not using the service.
Bah, completely skipped the part where we have thousands of remotely hosted images linked into posts. Now i remember why we didn't set up ssl before. My bad, not something that is going to happen within the next few weeks. Fixing that is going to take a little bit more than setting up certificates.
it's possible to do so by sticking a server with a vpn and a nginx (x-accel-redirect) reverse proxy for remote adressess. Vpn to prevent giving out the origin IP for "sneaky" "hi your ip is **.*.**.***" kind of image sites. Obviously this would take time to setup and test properly. Wouldn't want to introduce gaping wide holes. But then we could add ssl on that and any and all images are served through the ssl proxy Then videos.. ooh well it would take some more time. Good luck with your project.
Thank you. [we] won't need to go there. SSL would be nice but the stakes are lower. Sometimes it just feels good to be reminded that [we]'re not alone. Edit: http://forums.whyweprotest.net/thre...velopers-to-join-the-team.77426/#post-1944645
Too tech-illiterate to understand hardly anything being discussed in this thread, but I'm confident WWP admins and other staff will figure out a good plan of action. Thanks for all the work you guys do.
I have been wondering why the cloudflare splash page has been displaying instead of the forums, was it a result of a transition or a D/DoS attack? I couldn't even post a reply to the november 19th thread or read replies. I hope all is well.
I have never noticed a problem because of cloudfare, I use open DNS though so maybe updated faster than normal DNS? if that has anything to do with it... also i have a middle mouse button on my mouse wheel.
I think it was last night UK time.... but can't say for sure, I didn't pay much attention, just saw the cloudflare page and figured it was a (D)DoS and went else where, never payed much attention to the time. Shouldn't it be in the server logs?
maybe in the logs of cloudflare but i don't think the server logs would show anything, maybe LACK of traffic? the whole point of cloudflare is to protect us from such attacks and I would figure a brutal attack would show a default page. I dunno. please submit a freedom of internets request with WWP by filling out form BH22 completely along with a scanned image of 2 Cheerios box tops and wait 6 to 8 weeks for us to contact you back by phone where we verify your membership, then wait another 2 weeks for tech support to send you a support ticket number. From there you may have to wait 1 week to receive a confirmation email that WWP has received your support ticket. 3 days after that you will receive a form letter stating that your security level does not require WWP to disclose traffic log information and to contact Phoenix Wright in our legal dept.
The lack of (or major drop in) server logs for a specific time a pretty big clue of something going wrong. AKA Cloudflare blocking the requests.
So either way, if I see the default page showing, I'll screencap it and link to it here. It said something about the site being down (last week I assume) and that there was no cache or mirror available? A screencap will really be helpful.
I don't have a screencap key, I still use an old machine so I only have printscreen. Is there a program to emulate the new key? I have a windows key though. Instead I guess I'll just mock up in photoshop what I think people saw, like a police sketch.
Huh? Win Vista/7? http://windows.microsoft.com/en-US/windows-vista/Take-a-screen-capture-print-screen
Printscreen is on just about every keyboard except some laptops and netbooks, if you must, use a USB keyboard that has it. It's quite possibly the best key there is. There should also be some free windows utilities too. Linux has one titled "take screenshot" in the gnome area. Mac users, I forgot the shortcut key.
i used my DDOS button repeatedly (f5) until i got this to come up, then used printscreen to cap - hope it helps admins.
Site was unavailable for some time. As shown above, the off-line message came up on several tabbed pages I was working with.
Apologies, sue. I didn't take notes on the overall downtime. When each of 6 or 7 tabbed pages became inaccessible, I went AFK for about 30 minutes. According to the Anon post above it was a brief period.
It lasted for more than a few hours for me. I was disappointed. But after that while, it was back online.
I've noticed there seems to be an almost-daily downtime, between ~ 08:15 and 08:30 GMT. I can't give any specifics, but it seems to be more than 5, and less than 30 minutes duration. (It may not be every day, but has been at least 3-5 days a week) I'll see if I can get better numbers on that. Thanks, Jacky
There is a scheduled daily maintenance period. It usually starts around 00:10 Pacific Standard/or Daylight time and lasts for the better part of 30 mins. A member can stay on-line at WWP for this period, but if pages are interacted with, an error message is returned. When the maintenance period ends, a member can return to what they were doing on the site prior to the downtime.
