
Image by Eugene Kucher from Pixabay
By Jo Nova
The site is under hostile attack
On Easter Saturday, inexplicably, traffic suddenly tripled, and kept growing day after day. Each time we did updates and tweaks to the settings the site was overwhelmed by even more traffic. So all kinds of error messages appeared as the server responses were exhausted. There were cascading failures for days as different parts of the system tried to recover. Despite the calm period now, the ferocious activity still hasn’t slowed down. Yesterday traffic was running at five times normal.
Given that the attack started just two weeks before the Australian election, and during the long Easter holiday weekend, it appeared timed to strike when tech help would be away, and thus cause the longest outages and largest disruption.
Strangely (despite our election), most of the new traffic was coming from overseas, especially from the USA and Singapore. Many requests were for the same two old posts from 2020 and 2010, seemingly randomly picked, showing this was not an organic thing at all.
In the end, this attack was both clumsy and sophisticated at the same time. Whoever was doing this must have had control of something like 50,000 bots in China, the USA, Brazil and Europe and the ability to access hundreds of thousands of IPs each week. Yet they didn’t even bother to request different random pages or recent pages, which might have made this look like an AI training program or new traffic. It’s like they wanted us to know they were targeting the site. It was hostile. I will be notifying the Australian Cyber Security Centre (ACSC).
One particular Chinese server stood out for being a source of trouble, and after those requests were blocked, traffic from Singapore declined sharply. (Sincere apologies to any freedom loving Chinese readers affected by this.) Obviously we don’t know the true original source; it may be the CCP, but there are other candidates who might want us to think it was China while they cover their own tracks.
That said, people may not think of me as a China critic but I’ve written 134 posts on China, and few other people in Australia seem to point out that we still don’t have answers about the biggest industrial accident in history that killed millions. And we don’t have an apology for the Covid lies, the coal lies, the reckless experiments, or the strange freezers of frozen Ebola in California. Hardly anyone else seems to mention that the cheap postage from China is an archaic UN rort we all pay for (which destroys our small businesses). I like to remind everyone that the CCP is the only “developing nation” on Earth that can’t cut emissions, but can have a space program. And also that the coal-burning-communists pay activists in the UK and USA to tell us to use less coal while they use more. Many have congratulated Anthony Albanese for “restoring trade relations” with China, but I’m one of the few pointing out that all he did was surrender. (Shh, nobody mention why China launched that trade war!). Anyhow, you get my point…
If you can help, the site needs more armor
The site web guru (the excellent Eric) has made many changes. The bigger servers will cost more, and there’s much more we need to do. I can’t really spell out the details for obvious reasons. But will report in a few weeks on progress.
Never surrender
Please, if you can, hit the tip jar, buy me a coffee, a steak, a month on the server ($200) and money to pay for software updates. Australians may prefer to use direct deposit (details below) where you can also set up a monthly donation which helps me plan ahead. Thanks for your contribution, no matter how big or small. I know times are tough for some people.
Due to ridiculous legal froufrou, we can’t use the word “donate” so in Paypal people need to “buy me” a number of “units of emergency chocolate” — (1 unit equals $1) so write a number of dollars into the Quantity Field! (Apologies it’s not more user friendly. Lucky my readers are smart. 🙂 ). This works in AUD, CAD, EUR, GBP, NZD or USD.
OR send help directly via National Australia Bank for UnQwerty Pty Ltd BSB: 086420 Account number: 563148308 or via International transfer or even via snail-mail.
Thanks to the patient readers who have put up with so many disruptions to the site in the last week. And thanks to those who have already donated!
PS: Best wishes for Election Day today Canada!
A purchase of chocolate has been made. I expect this to last 6 weeks. Will then order more. 🤠
[Brilliant! Thank you John. Yes, costs will be up and some of that will be ongoing. – Jo]
100
Bought a few weeks worth of chocolate to sustain my focus whilst watching, I hope, Trudeau’s corrupt government implode.
80
I had suspected a coordinated attack right from the start.
Only to be expected I suppose.
Any site which strives for an approximation of free speech and has a large audience is going to be like a tin duck in a shooting gallery.
If it’s any comfort your site has not been the only target.
Apparently that famously grubby honeypot 4chan was also recently crippled and down for a considerable time.
And look what they did to Alex Jones.
To ease my conscience and to support my principles I’ve purchased a modest amount of chocolate, as much as my Steptoe and Son budget can stretch to.
Keep shining that light and fighting the good fight!
You are making a huge difference to my world and the world in general.
I wish there were awards for battling ignorance, superstition and groupthink. For holding the candle high against the rain and darkness, and striving for what’s good right and true.
240
Ping.
30
The Left don’t believe in free speech and are quite willing to do “whatever it takes” to silence critics. Hence their belief in censorship by legal or illegal means such as DDOS attacks. Conversely, conservatives and fellow rational thinkers believe in free speech.
I wouldn’t put it past the Australian Left like Greens or Labor or even worse ratbag groups to do something like this (not saying they did, but such actions are consistent with their “do absolutely anything, legal, illegal or immoral” mentality to win office).
And don’t forget, such Leftist groups are funded or supported by some of the world’s richest people, grifters heavily “invested” in “green” energy or Leftist union superannuation (retirement) funds or trade unions themselves.
191
Jo, my perception is that the site is still under attack because when I reload a page or I post something, a blue bar at the top of my Samsung Internet Android phone browser takes a very long time to disappear indicating the page is taking a long time to fully load, even though everything superficially appears to be there.
40
I usually visit this site on my iPad. Whenever I open a search tab, it appears in the first 2 or 3 “suggestions” based on regularly visited websites.
Jo’s blog disappeared from the suggestions a couple of weeks ago and won’t feature amongst them even after visiting the site multiple times recently.
Anybody else experienced similar activity on their device of choice?
30
The ‘suggestions’ on my tablet were the ‘forbidden’ messages but I found that typing in the full address worked ok. I managed to get rid of those suggestions and now have the one that works….atm, anyway.
My OH has just sent a few chocolates for you Jo. Thank you Jo for your work.
Not an ideal Easter for you, was it?
10
Gosh Jo, this is seriously concerning. We live in perilous times. Many of us have been writing to our newspapers of our concern re defence spending but our pollies have not made it central to the current election. Some movement recently but it is a bit late.
May I say that your website is my go to site for current affairs of importance every day. That attempts have been made to close it down testify to its importance. I will be sending some assistance today and will make this a regular event.
Thank you for your amazing work. Like many others, I am deeply grateful.
200
Done.
40
3 weeks of server chocolate. 🙂
40
Can you put the site behind a CDN like Cloudfront? Possibly expensive, but there might be better providers too. Normal traffic will never hit your site because it is cached, saving costs in the long run, and they generally have DDoS protection built in.
50
I think Leftists/warmists on this site should also donate.
After all, Jo lets them come here to play and learn. In contrast, rational thinkers quickly get booted from “their” websites.
Plus, we conservatives already pay taxes for their propaganda as delivered by 24/7 propaganda from Their ABC, SBS, CSIRO, BoM and other taxpayer funded agencies.
People and organisations of the rational thinking community get no taxpayer funding.
81
I’m sorry for your troubles Jo and hope things clear up soon.
70
In Australia, apart from DDOS attacks, we have the additional threat to free speech imposed by the fake conservative Liberal appointed e Safety Kommissar who even tries (or does) censor our elected representatives.
In fact we don’t even know what she is censoring because she is not required to publicly publish a daily (or any) report of what she has censored and why.
Senator Babet wrote:
90
Sad times David! I don’t believe the Liberal collective want to win. If they did they would be putting up a better fight than we are currently witnessing. They have a nucleus but too much dead wood and LGBTQ types to forge a decent front. It’s a repeat of that Malcolm Turnbull created in order to unseat Tony Abbott. At this stage the best we can hope for is a hung parliament that keeps the Marxist Greens at bay for another three years
10
A hung parliament does not keep the Greens at bay. Probably the opposite. It gives them more power and influence if either major party needs to haggle with them to get legislation through.
Labor will be happy to given they share many agendas.
20
I hope Paypal will accept my choice (I’ve had problems with it long before current difficulties).
30
PayPal has been hostile to conservatives and other members of the pro-science community in the past.
E.g.:
71
No doubt your e-Karen Kommissar, J.I.G., will have her team looking into this online safety breach: with past overseas experience working for MS, the little blue birdy, Adobe, various other agencies & governments as well as We Eat Flesh affiliations, she is the right person in the right position at the right time to look the other way…
Is there an election in your country soon?
/sly
100
A podcast discussion of the effect AI bots are having (from 1 m 45 s): https://latenightlinux.com/2-5-admins-242/ Links with more information are on that page. I’m not sure if that is what is affecting this site, but there may be some clues there.
50
Onya Jo - give it to those scumbags; you can count on me to help.
61
Congratulations Jo. You are obviously over the target to be attracting so much flak. We know the Chinese are bullies and this seems a typical bully tactic. I just wish that more people were aware that China is not our friend and neither is Albanese.
81
Didn’t know what DDOS meant. So, looked it up. “Distributed Denial of Service”. I’m sure there are others who also didn’t know the meaning. I’ve also noticed one other thing. When I tick the box to have my name placed automatically into the next comment, it doesn’t work. That is, I still have to type it in next time. Choccies coming later. 😊
60
There’s a lot of this going around lately. If you are using a major virtual hosting platform like AWS or Azure, they have a range of DDOS protection options available … not for free, obviously.
Then you can look at using a Content Delivery Network (CDN) such as this list …
https://www.cdnplanet.com/geo/australia-cdn/
Those are not free either, but it’s a competitive market so prices should roughly reflect what it costs to implement.
70
What is an Edge Server and a POP?
00
A POP means “Point of Presence” and that’s just shorthand to say there are some servers installed at that particular physical location.
An “Edge Server” means it is set up to be as close to the end user (i.e. the browser) as possible. Suppose you are using VodaFumble on your phone, the data will go back to some TPG gateway and the ideal “Edge Server” would be installed right on the other side of that gateway … usually inside the TPG data centre and on their network. This requires cooperation from the major Internet companies in each city.
The CDN will have multiple mirrors of the original content, making it faster to access. When working properly, your traffic goes to the closest Edge Server, taking the load away from the primary server. Most CDNs also protect themselves from DDOS in various ways.
50
Emergency Chocolates Done
30
Firewall blocklists are another option … with various pros and cons. The basic idea is that all websites sign up and share their “bad boy” reports against any IPs that are hitting them. That gets shared into a central database (e.g. AbuseIPDB or similar).
Once a day you download the blocklist and update your firewall configuration to efficiently prevent access from those sources. If a new server gets compromised it takes a while for all the reports to get correlated and the blocklist to be updated … therefore it isn’t a perfect solution. Also, you can end up temporarily blocking friendly traffic by accident, although there are mechanisms to make that unlikely.
Here is a rundown. The advantage is that at least the lowest tier accounts are free and higher tiers don’t cost a whole lot.
https://lowendspirit.com/discussion/7699/use-a-blacklist-of-bad-ips-on-your-linux-firewall-tutorial
That gives the basic idea. If you have a commercial grade firewall like Fortinet, you probably have built-in integration for various blocklists. Just need to figure out how to enable it.
50
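The daily blocklist update described in the comment above, as an added example that is not part of the original comment or the linked tutorial: it validates a downloaded feed, refuses entries that would block internal or allowlisted networks, and builds input for `ipset -exist restore` that swaps the new list in atomically. The feed contents, the never-block list, the `/16` limit and the set name `blocklist` are assumptions made for illustration.

```python
import ipaddress

# Constructed sample feed using documentation ranges; not real indicators.
SAMPLE_FEED = """\
# one address or CIDR per line
203.0.113.7
203.0.113.8
198.51.100.0/25
198.51.100.128/25
192.0.2.55
10.1.2.3
203.0.0.0/8
not-an-ip
2001:db8::1
"""

# Hypothetical never-block list: internal ranges plus networks you depend on.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in
               ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
                "127.0.0.0/8", "192.0.2.0/24")]
MIN_PREFIX = 16  # refuse anything broader than a /16 from an outside feed

def parse_feed(text):
    """Return (collapsed IPv4 networks, rejected lines) for a blocklist feed."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            rejected.append(line)
            continue
        # IPv6 needs its own set; broad or protected ranges are never loaded.
        if (net.version != 4 or net.prefixlen < MIN_PREFIX
                or any(net.overlaps(a) for a in NEVER_BLOCK)):
            rejected.append(line)
            continue
        nets.append(net)
    return list(ipaddress.collapse_addresses(nets)), rejected

def ipset_restore_script(nets, live="blocklist"):
    """Commands for `ipset -exist restore`: fill a temp set, then swap it in."""
    tmp = live + "-new"
    cmds = [f"create {live} hash:net family inet",
            f"create {tmp} hash:net family inet",
            f"flush {tmp}"]
    cmds += [f"add {tmp} {net}" for net in nets]
    cmds += [f"swap {tmp} {live}", f"destroy {tmp}"]
    return "\n".join(cmds) + "\n"
```

Logging the rejected lines on each run shows when a feed starts carrying entries that would have blocked friendly traffic.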
Is it possible to register all current users and then a new user requires a vetting process to get approved?
50
Surprised to hear it was/is a DDOS attack. Felt much more like a DNS “poisoning” problem. *If* I got in, it seemed to work fine for hours. OTOH, if I got the “Site under development” screen, or the “Rejected” error, I kept getting that for hours (with browser cache cleared).
40
In one sense the attack can be seen as a badge of honour, because you would only attack a site if you thought it was having an impact on public opinion.
91
Points of difference WRT Canadian elections:
1. Voting is not compulsory
2. Winner is “first past the post”. Non-preferential
3. Electors must provide identification
4. Electorates are called “ridings”
5. Elections are held during the working weekdays. Never on Saturday
6. Workers get time off (full day AFAIK) to vote though many choose to not vote
7. Little wonder their national anthem is “Oh, Canada!” Ey!
Stanley Park
60
Hi Jo, have now tried about 8 or 9 times to buy chocolates via Paypal. They require a verification code which they send via email and none has come through. I don’t do internet banking, but will keep trying. Maybe Paypal’s been got at too. ToM
10
My PayPal worked fine. Just get the verification code via text. Maybe check your junk mail for the email verification code?
00
Paul Homewood (Not a lot of people know that) was also impacted, so we are looking at a test in preparation for a more hostile act. Changing the avatars was a nice touch.
00