As of now, we are at the second day of fighting with an ongoing DDoS attack. Alex and HFW team managed to relief the situation, but there're still some issues (forum feed, occasional slowdowns), and if the patterns happen to change BoonEx.com may be unavailable for some time.
Fret not though, whatever doesn't kill us, makes us stronger. And this is certainly not a kind of thing/people that may kill BoonEx.
UPDATE:
We have finally managed to take the attack under control. Due to some changes we had to make to traffic management some subdomains didn't work, including those that serve licences verification, download, etc. We're fixing it all now. Some of you may have been unable to login to your admin panel, since BoonEx data couldn't load. This problem occurred before due to BoonEx News RSS and license verification. We removed this dependancy some time ago, so Admin panels do not depend on RSS feed or license check. Unfortunately we have overlooked version checking mechanism, which still depends on BoonEx.com. We are really sorry about that. Long time ago our intent was to free your admin panel completely, and this is a misfortunate mistake. We are fixing it in 7.0.2 and in your current installation you may use this workaround: ------- set the following setting option to 0: [8/06/10 9:27:16 AM] Alex Trofimov: Admin -> Settings -> Advances Settings -> Other -> Show boonex news in admin panel ------- NOTE: version check and RSS feed in your admin panel are there for good reason. It is the way for us to notify you if there's something urgent, like a security update or a new version. This is not to spam you, but to inform you, and it can be turned off.
--------------
--------------
Yeah, weekend sucked, but we've learned a great deal. At the very peak they were firing 50Mbps of traffic at us for a few hours. Somebody must have ordered an expensive botnet attack. We almost feel flattered.
Takeaways from this weekend:
1. We found a few spots that needed improvement. That will help us writing software that performs better.
2. We learned a few performance-tuning tricks for our dedicated server.
3. Found a good 3rd party protection service.
4. Found that pesky version-checking in admin panel.
5. Made a few notes for upcoming Dolphin releases.
6. Figured that we need to get rid of clutter in some (many) places.
All in all, we're good. On to 7.0.2 preparation.
Good luck guys. Don't let it get you down.
@houston: Someone did mention an umphy botnet at their disposal a while back, yes. Might be a good idea to set up a separate domain/server(s) for redundancy to take over when one server is down. Just set up a script for checking see more
I am surprised we haven't seen something like this here before now being dolphin is fairly popular. One of the things any server administrator should look into preventing and might deal with at some point.
Hope you got it tuned up and squared away. You know what they say shit happens!
I've had no trouble logging into my admin. You have to set Admin --> Advanced Settings --> Other --> Show boonex news in admin panel: To 0
This stops the admin pages from waiting forever on the boonex news to load.
@LightWolf my intuition says you are correct on the "dead man walking" response...
It's only the admin home page that's waiting on the boonex news feed.
Anyways, should cut down on the panic some (at least for the people in our database).
-Smoge
Knew something was up the other day when I got an insane error message page trying to load Unity. (It was so screwy I decided to save it as a webpage in case it was important.) If this can happen to Boonex, what chance do WE have?
There is also a featured modules section shown on the admin dashboard. Anyway to shut that off?
firefox,google chrome and ie8 break the connection off.
only with my mobile phone i can write this.
Damn, this had been driving me nuts. I had no idea that there was another way into the admin section that would work.
Thanks man, you're a life saver.
@bennyan - Boonex has been under attack for several days. It may be a while yet seeing as how things aren't functioning correctly here yet : (
Keep trying and maybe you'll get lucky.
We have finally managed to take the attack under control. Due to some changes we had to make to traffic management some subdomains didn't work, including those that serve licences verification, download, etc. We're fixing it all now.
Some of you may have been unable to login to your admin panel, since BoonEx data couldn't load. This problem occurred before due to BoonEx News RSS and license verification. We removed this dependancy some time ago, so Admin panels do not depend on RSS see more
I bet this isn't the way you all planned on spending your weekend huh?
Good job keeping things fairly functional as much as you have.
Takeaways from this weekend:
1. We found a few spots that needed improvement. That will help us writing software that performs better.
2. We learned a few performance-tuning tricks for our dedicated server.
3. Found a good 3rd party protection service.
4. Found that pesky version-checking see more
"4. Found that pesky version-checking in admin panel."
It has been an issue since 2005 with aeDating / BoonEx products.
http://www.modmysite.com/free-mod-exchange/325-quickmod-3-disable-version-checking-admin-faster-login.html#post612
and other posts on ModMySite.Com
Andrew, while you are at it, can we also beg for the Prune(Clean Database) settings not defaulting to 180 days! Maybe NEVER (or 9999) is a better default setting. Do see more
Off topic but... worth a reply perhaps.
Why use ffmpeg.exe ? Even on a shared account, the server administrator can add this to the server as a system call.
Use a system based ffmpeg... compiled from source or a yum (or apt-get) load.
With this, you have the latest and greatest ffmpeg, and you (or the system admin) can add codecs as needed!
Smoge
1.We learned a few performance-tuning tricks for our dedicated server.
2.Found a good 3rd party protection service.
3.Made a few notes for upcoming Dolphin releases.
Maybe Andrew would like to share some of these things with us, like the performance-tuning and protection service. It seems this might be useful information to anyone running a Dolphin see more
Alex also made a few changes that lowered the load to our server while attack was on it in full. He'd be able to share his observations later.
As for see more
It was really good to know that you guys are negotiating for a big userbase site, it will really help grow Dolphin fast and I am pretty sure this is just the start for Dolphin ....
Keep Rocking and keep Smiling !!!
Mick - Toronto
Smoge