And more attacks…
May 20, 2015
Our website is subject to more attacks, since yesterday starting at about 9pm CDT, May 19, 2015. The changes done to our setup over the last two days seem to handle and slow it down enough to keep everything accessible, although definitely noticeably slowing things down. So I guess the good news is that the infrastructure did get a lot more stable thanks to this free “test data” from whoever is behind this. The bad news is, it also seems like they have a lot of patience and simply stretch out the attack to many more hours.
About the slowness due to high load on the servers: Although I can throw more machines at the problem to improve performance, this won’t fix the root of the problem. As it targets specifically the website login, I decided to temporarily disable it, for now, and tweak my filtering rules to punish abusive attempts even more aggressively than what I put in place, yesterday.
Update: at 6pm CDT on May 20, the attacks stopped. Logins are re-enabled and more work is underway to automatically blacklist nodes that are obvious part of the botnet we are dealing with, instead of just slowing them down.
Thank you for understanding,
May 18, 2015
It looks like what we experienced yesterday, and described in the previous post, started again at around 7:30am CDT, May 18, 2015, again. We disabled the website and forum login for now, while we continue to work on changes to handle this better in the future. Note that if you are logged in to the site already, you can use it as usual. Also, the game itself does not seem to be affected once you make it past the login.
Update: seems like the attack stopped around 11am CDT. With the insights from yesterday and today, I’m working now on automating the handling of similar attacks in the future. Login to the site and forum is now fully restored, however, if it picks up again before I get all the necessary work in to handle this in the future, it might need to be temporarily suspended again. Fingers crossed. Thanks for understanding.
Sorry about the inconvenience,
May 17, 2015
We are currently experiencing a malicious attack that started at 7:30am CDT, May 17, 2015, that is potentially preventing players from logging into the game, the forums, and the website. The game itself does not seem to be affected once you make it past the login.
Update: seems like we got a handle on it and the attack stopped as of 1:45pm CDT. We’ll keep an eye on this and improve our infrastructure to handle this better in the future. Thanks for understanding.
co na to rict..