EDIT: TBC, here’s the current message seen when refreshing a PF stream:

“Piefed.social is having a denial of service attack. They are being kept at bay for now but could return with a more effective method. Download your community subscriptions so if you need to move to another server it’ll be painless - with a few clicks you’ll be seeing all the same content as before. See list of alternate servers at here or here.”

Possible causes?

  • Fellow instance that got PO’d somehow? (seems like a major stretch)
  • Just random hackers havin’ fun?
  • Reddit or similar, targeting one of the top growing instance softwares in ActivityPub / FV? EDIT2 : the timing certainly seems to fit for the recent influx of users coming from Reddit. (see comments)
  • Some right-wing entity, not happy about the general rational / left bias to the instance?
  • Other…?

In any case, much thanks to our instance runner and dev for fending off the first wave(!) Hope everything is backed up and possible to be restored if the worst happens.

(seriously, what a shitty way to be repaid for doing a great, ongoing job for the community and FOSS)

    • mesa@piefed.socialEnglish
      7·
      2 days ago

      It its all one url from many different ips that dont really go anywhere, then its probably just regular old DDOS. If your successful, at some point you get them.

      I hate to say it but cloudflare has “fixed” this issue a while back and is one of the better solutions. Which of course sucks because it becomes another layer on top of infa that has gone down in the past.

      All the fun of being a sys admin :)

    • JohnnyEnzyme@piefed.socialOPEnglish
      3·
      2 days ago

      Wouldn’t that tend to show up to the host as such, or as temporarily increased general activity?

      DDOS is a very specific kind of attack, as I understand it, involving overwhelming a server with rubbish packets.

      • artyom@piefed.socialEnglish
        6·
        2 days ago

        DDOS attacks and AI scraper bots are technically indistinguishable. Both are just crippling the server by making an absurd number of requests.

        • JohnnyEnzyme@piefed.socialOPEnglish
          3·
          2 days ago

          Okay, that’s interesting. Note however that the instance runner specifically ID’d this as a DDOS attack. See copy of their message in side-comment here.

          • artyom@piefed.socialEnglish
            2·
            2 days ago

            I don’t see anything except an absolutely massive image of some sort of warning symbol. What is a “side-comment”?

            • JohnnyEnzyme@piefed.socialOPEnglish
              2·
              2 days ago

              Sorry, I wish I hadn’t uploaded that. The silly image is relatively tiny, but got blown up. Anyway, so you can’t see the other comments in this thread? Are you hitting it from an app?

              EDIT: I’ve copy-pasted it in to the main post.