DDoS attack. Dolphin 7.0.2. Unity.

Andrew Boon posted 9th of June 2010 in . 28 comments.

We have some updates and thoughts to share. The last week was quite chaotic and we're still in turbulence. We receive letters and messages offering tips and help, which is great and often helps. We are very grateful for support and patience that our community shows during these days. So...

DDoS Attack

It's not over. Sadly, such attacks are becoming more and more widespread and sophisticated. You might have heard that last year Twitter, Blogger, and even Facebook had hours of downtime and days of slow performance because of vast attacks. It may be hard to cut them off completely. Still, there're ways to surpress them and we have tried a number of things over the last few days. I'll try to give a general idea:

- BoonEx server at HFW is quite powerful and it could handle well over 1500 requests per second. So, it's not a matter of hardware capability, especially when you consider that "you can't outmuscle DDoS attack, you can only outsmart it".

- We have used different software firewalls and combinations of settings and it helped at some stage. Ultimately, the flow was so big that Apache couldn't even process requests.

- We went to ServerOrigin for help and they are filtering our traffic now. See chart below:

Basically they are using mixes of hardware firewalls, load balancers and proxy servers to filter out abusing IPs. In our case it's still not simple, because requests come from a great number of IPs and with changing patterns. Still, about 90% of them are filtered.

- Failover-protection setups are not applicable now, since BoonEx server, per se, doesn't fail and even if we had a server farm of mirrored boxes, that would still boil down to a war of resources, not solutions.

- Moving BoonEx.com to any other host, cloud, server is not a quickie and should be done at better weather.  So, once we are back to normal loads, we'll start moving to a host with included enterprise-level DDoS protection. Currently we are considering softlayer, gogrid, EC2 and rackspace.

Dolphin 7.0.2

No panic here, it's almost ready and should be available in a day or two. We are moving service callbacks to background, following the latest few bug reports, and preparing upgrade script. Dolphin 7.0.2 will also be available at a separate download location. Your site with 7.0.2 will no longer be affected by BoonEx.com performance/uptime (except for the initial license registration).

Unity

We are preparing some minor changes at Unity, which you will see gradually appearing...

Blogs will be removed from homepage or Blogs homepage. They will remain a property of Profiles only (except for BoonEx blogs). This is done to limit advertising and conversation (which should happen in Forum) on Blogs. Users would have more freedom in their blogs, but their blogs would be read only by those interested in the particular author, or when it's contextually linked from Forum.

Market will receive "Staff Picks" section, where we'll be featuring some of the best extensions available at Unity, as per BoonEx staff opinion.

We're playing with the idea of adding something similar to "global categories", like "dating", "facebook", "adult", etc to group extensions, jobs, and possibly forum posts into niches.

Note, the best place to get updates if BoonEx.com is down is twitter.com/boonex. If Twitter is down (happens more often than with BoonEx), then facebook.com/boonex. If BoonEx, Twitter and Facebook are all down, then have some sleep or watch a movie and come back.

 
Comments
·Oldest
·Top
Please login to post a comment.
modmysite
Softlayer is good... only bad is, no port speeds higher than 1Gbit/sec and no FiberSan.
But we still love them!
Andrew Boon
Anybody else who you would recommend above Softlayer?
theguypc
Thanks for the update.

It's really sad that the Internet is subject to crap like this. It's even sadder that they are attacking a site that provides an open source script, like Boonex does.

Good luck on getting rid of the attackers, and on finding a new hosting company with better protection against this kind of bologna.
mastermindsro
"If BoonEx, Twitter and Facebook are all down, then have some sleep or watch a movie and come back." Nice sense of humor :))
Denre
Thanks for the updates Andrew, it's much appreciated!
DeeEmm
Keep up the good work.

/DM
kinuthia
Thanks alot Andrew and keep up the good work.
modmysite
>> Anybody else who you would recommend above Softlayer?
Andrew - I responded to your private message with detailed comments.
-Rob
houstonlively
I hope you guys at Boonex find out who is responsible for this. Scumbags like these need to be removed from society. I can't imagine anyone with normal mental health doing this.
CALTRADE
What callbacks are still in our sites? Anything other than Boonex news? I thought you had gotten rid of those?
Andrew Boon
BoonEx news are already in background. What we missed is version check. The little thing that tells you which version you're using. Fixed in 7.0.2
dolphin_jay
i think you really need to move away from the mom and pop type hosting companies so to speak at this stage of the game and jump on a strong backbone like at&t, verizon, or fujitsu who provides verizon there services.

Pick a company that monitors there systems by more then one person at a time if at all. Some of the hosts listed do not even look untill a problem comes up. Again you need this place watched over by a group of people 24/7.

I know the three i listed up there are not cheap see more by any means, but i think you are going to have to spend some coin on this to be sure this dont happen again. I think if you pick a big company that is the "backbone" of the internet a red flag will go off much sooner rather then later.

I also think if you pick a big company they will be more willing to track down and take action of any type to find the person/s that are up to no good.

Just my thoughts. this on is going to cost some money.....
Andrew Boon
You're right. We're moving to softlayer and get serverorigin on top.
dolphin_jay
I'll be honest here i had to remove all call backs myself including lic check , rss feeds and version check. anything http://boonex .....
Andrew Boon
You have every right to do so, as long as you have a permanent license. If not, you'd have to figure out the way to display BoonEx footers.
houstonlively
Andrew, will you eventually be able to provide a geolocation map of the offending IPs? It might be useful information for all of us, if we knew that such attacks were more likely to originate from certain parts of the world than others.
DeeEmm
LOL my recent attack came from Texas.

/DM
houstonlively
From what I have read in some forum post here on boonex.com, I think some newbies have successfully launched dos attacks on themselves, using D7.
DeeEmm
LMAO - that I can actually believe

/DM
tomakali
Andrew, try http://iweb.com/dedicated/power-servers/
Andrew Boon
We went for SoftLayer. Organising the move now.
annabel
Welcome back ... again :-)
adultnet
Because i am used in ddos attacks ,
for me good service they have sharcktech for cheap host
and for real good anti ddos attacks the best is gigenet.com
i talk for attacks over 20gb
gameutopia
I have been using softlayer network for around 3 years now. They are my preferred choice. I will try others but only a select few come close. I would avoid rackspace. I never had any luck with them. They were good a number of years ago, but they wouldn't be my choice now not even close. Of course nothing is perfect an depends on the actual setup. I had a decent setup in a dallas colo a few years back and that thing never went down. Almost a year strait with 100% uptime no kidding. Everyone talks see more about the planet too, but honestly I think they suck too. Many of the datacenters slap together a cheap piece of junk and plug it into a piss poor network to make money. They need to make money too, but man I would pay a few extra $'s for a halfway decent server with a good connection. Very few can really deliver that. The big hosts use them cheapies because that is how they make their moola. Cheap servers and network = cheap prices and cheap prices to the end customer. It is really worth it for a company like boonex that isn't providing hosting to pay a little more and go with a superior company/datacenter that really is decent rather than a host that basically subcontracts it from one of the cheap datacenters like host for web does. They are not the only ones, most do the same thing. That is how they make the money.
bizzi
Most standard DDOS attacks don't work any more.. (Not powerful enouph now days) So people use zombie systems also known as bot nets. If I could get a list of attacking IP addies... I'd be happy to extract a zombie from one of them and find out where it's getting it's commands from. I normally only do it for cash. But having a unlimited license at what I wanted to pay for it ( which I already got)... seems like a good trade.

Let me know. If anyone even takes me seriously...lol....
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.
PET:0.22553992271423