EzraS wrote:
Things seem to work differently depending on what browser is being used. I don't understand why. But seems a majority of problems with this site is because of Cloudflair. I guess that's the only thing Alex can run WP on, because surely he would have switched to some other service a long time ago otherwise.
Must be the case because CloudFlare is pretty terrible and seems ineffective at what it's supposed to do. Couldn't access the site at all on the 18th. I do wonder how hard it would be to create an alternative. I am surprised WP hasn't ditched CloudFlare, there must not be alternatives I guess.
Presumably CloudFlare would be enough to stop "1 guy with his 1 computer" level attacks but I have some doubts there would be a DDOS attack because botnets cost money and who would care enough to spend anywhere from hundreds for self-hosted blogs to multiple thousands per day for DDOS, especially since this is a fairly decent size website(As in there is a server infrastructure most likely and not a random Joe's website hosted from his personal PC) so most likely would cost them several thousand per day or more to pay criminal botnets.
But who really knows, maybe someone is spending six figures or even close to a million per year on DDOS. All I know for sure is I can think of better uses for six figures or a million dollars or even if you wanted to spend that kind of cash on "hacktivism" I can think of better causes to fight for. Or what I'd pick between "keep a website down for a day" or go on 1/2 weeks tropical vacation.
Incidentally, what error does CloudFlare report if a site is down due to ongoing DDOS?
nick007 wrote:
I go to other sites that use Crapflair & they have similar problems. I randomly get messages about host error & I try again a minute later & it works OK till I suddenly get that message again.
I do wonder how they manage to stay in business. From my point of view websites certainly could go after CloudFlare to seek money back due to nonperformance.
The concept of what it should do is pretty simple, just watching incoming connections to detect if it gets flooded by the same IP address(es). Perhaps some manner of throttling/queuing for cases where the attacker is able to make their pings be identified as being from different source IP addresses every time or if there are repeating patterns. There's no such thing as a perfect solution but what should be expected is an increase in the resource commitment required by an attacker, it should not remain just as easy even with the service.
_________________
My account is often forced to do Captchas so I may be slow to reply or perhaps even unable to reply.