Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
geerlingguy 8 hours ago

I tried as hard as I could to stay self hosted (and my backend is, still), but getting constant DDoS attacks and not having the time to deal with fighting them 2-3x a month was what ultimately forced me to Cloudflare. It's still worse than before even with their layers of protection, and now I get to watch my site be down a while, with no ability to switch DNS to point back to my own proxy layer, since CF is down :/

VladVladikoff 8 hours ago | parent [-]

This is wild. Was your website somehow controversial? Ive been running many different websites for over 30+ years now, and have never been the target of a DDOS. The closest I’ve seen was when one website had a blind time based sql injection vulnerability and the attacker was abusing it, all the SLEEP() injected into the database brought the server to a crawl. But that’s just one attacker from a handful of IPs, hardly what i would call a DDOS.

geerlingguy 7 hours ago | parent | next [-]

I made the mistake of telling people it was hosted on a Pi cluster in a YouTube video a couple years ago, and asked nobody to try DDoSing it. I was a bit more naive thinking the YouTube viewer community was more like HN where people may joke about it, but nobody would actually do it.

I was wrong, and ever since I've dealt with a targeted attack (which was evolving as I added more CF firewall rules). At this point it's taken care of, but only because I have most things completely blocked at the CF firewall layer.

bobdvb 6 hours ago | parent | next [-]

Until I changed job recently, I spent the past 8 years working in an area of tech that many people on places like HN and Reddit think that the work is a horrific waste of effort (DRM and content security for a streaming company).

The idea that if companies like my former employer would stop doing DRM their audience would embrace it is rife idealism. But based on bitter experience so enough people will do bad things just for the lulz that you need to cover your ass.

My home lab will never have an open port, I'll always put things behind a CDN or zero trust system, even then...

FWIW, it's worthwhile just for educational reasons to look at abuseipdb.com quite revealing.

engeljohnb 2 hours ago | parent [-]

I'm a lay person, but do you mean DRM isn't just copy-protection? Is it also network security?

Imustaskforhelp 7 hours ago | parent | prev [-]

Jeff the reason why I think is that youtube community is more main-stream and I would consider you to be a really nice youtuber but even that might attract some bad faith actors just because of how main-stream youtube is as well compared to HN which is more niche-overall

(also congrats on 1 million subscribers but I know you must be tired of listening it but have a nice day jeff! Your videos are awesome!)

shagmin 5 hours ago | parent | prev | next [-]

When I was younger and living in military dorms, I put a old throw away laptop hosting a simple website via Apache on the internet. Every time I checked the log it'd be full of so many random, wild spurts of attacks (granted I had basically 0 legit traffic).

pclmulqdq 7 hours ago | parent | prev [-]

I think people sometimes mistake legitimate traffic spikes for DDOS attacks. My blog has the former, but no site I have ever hosted has seen the latter.