View Full Version : We're Back! (08/14/20)

08-13-2020, 11:17 PM
Dear Community,

We are pleased to welcome you back to Anthrogenica!

As we had stated in the updates shown on our landing page, the forum experienced a distributed denial of service (DDoS) attack on Tuesday 4th August 2020.

By a stroke of good fortune, our administration noticed the attack within 90 minutes of its commencement. We immediately reactivated CloudFlare (https://www.cloudflare.com/) and, in view of the persistent bugs the community had experienced during its' implementation from September 2019 to May 2020, took the decision to temporarily close the forum while we sought solutions to said bugs and investigated different strategies.

After several days of extensive debugging, testing different security models and evaluating their ability to address the DDoS bot floods, we confirm that:

Our new measures have rendered us DDoS-immune, and
All known site bugs associated with our previous implementation of CloudFlare have been resolved

In summary, you all return to a more secure and error-free forum experience.

Many of you likely have questions beyond what may be addressed in the above account, which we've preemptively answered in the spoiler box below.

As part of our new strategy, we have had to purchase third party technology to fend off the bots, which is active right now. Our ability to immediately secure that software package was only made possible through the kind contributions of our Subscription Class members and the donations made by members of our community.

As stipulated in our Sustainability Model (https://anthrogenica.com/showthread.php?7757-Anthrogenica-Sustainability-amp-Your-Support), all monetary contributions that our administration receives go exclusively towards Anthrogenica's upkeep and upgrades.

If you are a current (or past) Subscription Class member or had previously sent a donation, we thank you for directly contributing to the sustenance of this community.
For those who use the site on a regular basis but haven't yet done so, please consider becoming a Subscription Class member (https://anthrogenica.com/payments.php) (perks provided) or donating to us (https://anthrogenica.com/misc.php?do=donate).

In the event that you notice any site bugs or functionality issues which weren't picked up by our team's extensive debugging, a public debug thread will be created shortly in Forum Support.

Enjoy your return to us!

- AG Team

What is a DDoS?
Please refer to this page (https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/).

Was Anthrogenica hacked?
No. We experienced a sudden uptick in traffic on Tuesday 4th August 2020 that mimicked the confirmed DDoS in September 2019. A review of the traffic sources and liaison with our hosts determined that we were experiencing a milder DDoS than what was observed prior.
There is no evidence of any other malicious activity involving our servers or database at this stage. We take this opportunity to remind users to maintain as much anonymity and personal information security precautions as is deemed necessary.

Was it a single DDoS attack?
No. We noticed the first bot flood on the above-stated date. Thereafter, a second bot flood was observed on Saturday 8th August 2020. This occurred within a day of us stepping down our initial settings, which were similar to what was employed from Sept 2019 to May 2020. Whilst trialing other approaches, we observed that the frequency of bot flood attempts began to pick up.

Is Anthrogenica currently experiencing a DDoS?
Yes and no. Rather than a sustained, massive bot flood, we've been experiencing multiple-times-per-day 'mini-floods' since around Sunday 9th August 2020. Please note that this 'hit and run' approach has become increasingly common this year.
However, our current strategy has completely obstructed these bots from gaining any momentum.

Will these 'mini-floods' affect my user experience?
We do not anticipate it, no. Our near week-long monitoring of the interaction between our new strategy and these DDoS attempts confirm that we're both in control and impervious now.

Why did you have to close the site?
Given the longstanding issues associated with CloudFlare and vBulletin (both reported by our community and other sites), we wanted to ensure that the forum did not experience the intermittent (and frequently annoying) known issues relating to CloudFlare's activation which were previously seen and felt.
Furthermore, we were actively trialing different strategies beyond our prior default. Given the likelihood of transient bugs (which we did experience), we sought to bypass the perceived necessity for our community to actively report those to us.

Why was the site offline for nine days? Couldn't it have been shorter?
The overwhelming majority of that time was spent on; i) assessing and implementing different strategies, ii) monitoring the success of said strategies, and iii) actively debugging the site to ensure that full user functionality was granted.
We took as long as was needed given the constraints and (occasionally obscure nature of) the bugs we noticed.
The site was re-opened at the earliest and most sensible time and date.

Was Anthrogenica targeted?
Possibly. DDoS attacks are notoriously difficult to trace and are easy to solicit in current times.
Our forum is on a shared server provided by a mainstream host. As such, it's equally plausible that we were collateral to another site on our server being targeted.
In the event that Anthrogenica was specifically targeted by an individual and if they ever came across this message - You inadvertently served as the impetus for us to fix our longstanding issues with CloudFlare. Thank you!

What happens now?
If you see a sudden surge in guests viewing the site, please report that to us promptly.
Otherwise, post and browse away! Welcome back!