Help needed: Site under DDOS attack from hundreds of thousands of unique IPs this week — especially China and the USA

Image by Eugene Kucher from Pixabay

By Jo Nova

The site is under hostile attack

On Easter Saturday, inexplicably, traffic suddenly tripled, and kept growing day after day. Each time we did updates and tweaks to the settings the site was overwhelmed by even more traffic. So all kinds of error messages appeared as the server responses were exhausted. There were cascading failures for days as different parts of the system tried to recover. Despite the calm period now, the ferocious activity still hasn’t slowed down. Yesterday traffic was running at five times normal.

Given that the attack started just two weeks before the Australian election, and during the long Easter holiday weekend, it appeared timed to strike when tech help would be away, and thus cause the longest outages and largest disruption.

Strangely (despite our election), most of the new traffic was coming from overseas, especially from the USA and Singapore. Many requests were for the same two old posts from 2020 and 2010, seemingly randomly picked, showing this was not an organic thing at all.

In the end, this attack was both clumsy and sophisticated at the same time. Whoever was doing this must have had control of something like 50,000 bots in China, the USA, Brazil and Europe and the ability to access hundreds of thousands of IPs each week. Yet they didn’t even bother to request different random pages or recent pages, which might have made this look like an AI training program or new traffic. It’s like they wanted us to know they were targeting the site. It was hostile. I will be notifying the Australian Cyber Security Centre (ACSC).

One particular Chinese server stood out for being a source of trouble, and after those requests were blocked, traffic from Singapore declined sharply. (Sincere apologies to any freedom loving Chinese readers affected by this.) Obviously we don’t know the true original source. It may be the CCP, but there are other candidates who might want us to think it was China while they cover their own tracks.

That said, people may not think of me as a China critic but I’ve written 134 posts on China, and few other people in Australia seem to point out that we still don’t have answers about the biggest industrial accident in history that killed millions. And we don’t have an apology for the Covid lies, the coal lies, the reckless experiments, or the strange freezers of frozen Ebola in California. Hardly anyone else seems to mention that the cheap postage from China is an archaic UN rort we all pay for (which destroys our small businesses). I like to remind everyone that the CCP is the only “developing nation” on Earth that can’t cut emissions, but can have a space program. And also that the coal-burning-communists pay activists in the UK and USA to tell us to use less coal while they use more. Many have congratulated Anthony Albanese for “restoring trade relations” with China, but I’m one of the few pointing out that all he did was surrender. (Shh, nobody mention why China launched that trade war!). Anyhow, you get my point…

If you can help, the site needs more armor

The site web guru (the excellent Eric) has made many changes. The bigger servers will cost more, and there’s much more we need to do. I can’t really spell out the details for obvious reasons. But will report in a few weeks on progress.

Never surrender

Please, if you can, hit the tip jar, buy me a coffee, a steak, a month on the server ($200) and money to pay for software updates. Australians may prefer to use direct deposit (details below) where you can also set up a monthly donation which helps me plan ahead. Thanks for your contribution, no matter how big or small. I know times are tough for some people.

Due to ridiculous legal froufrou, we can’t use the word “donate” so in Paypal people need to “buy me” a number of “units of emergency chocolate” (1 unit equals $1), so write a number of dollars into the Quantity Field! (Apologies it’s not more user friendly. Lucky my readers are smart. 🙂 ). This works in AUD, CAD, EUR, GBP, NZD or USD.

OR send help directly via National Australia Bank for UnQwerty Pty Ltd BSB: 086420 Account number: 563148308 or via International transfer or even via snail-mail.

Thanks to the patient readers who have put up with so many disruptions to the site in the last week. And thanks to those who have already donated!

PS: Best wishes for Election Day today Canada!

71 comments to Help needed: Site under DDOS attack from hundreds of thousands of unique IPs this week — especially China and the USA

  • #
    John F. Hultquist

    A purchase of chocolate has been made. I expect this to last 6 weeks. Will then order more. 🤠

    [Brilliant! Thank you John. Yes, costs will be up and some of that will be ongoing. – Jo]

    140

  • #
    old mike

    Bought a few weeks worth of chocolate to sustain my focus whilst watching, I hope, Trudeau’s corrupt government implode.

    140

  • #
    Skepticynic

    I had suspected a coordinated attack right from the start.
    Only to be expected I suppose.
    Any site which strives for an approximation of free speech and has a large audience is going to be like a tin duck in a shooting gallery.
    If it’s any comfort your site has not been the only target.
    Apparently that famously grubby honeypot 4chan was also recently crippled and down for a considerable time.
    And look what they did to Alex Jones.
    To ease my conscience and to support my principles I’ve purchased a modest amount of chocolate, as much as my Steptoe and Son budget can stretch to.
    Keep shining that light and fighting the good fight!
    You are making a huge difference to my world and the world in general.
    I wish there were awards for battling ignorance, superstition and groupthink. For holding the candle high against the rain and darkness, and striving for what’s good right and true.

    440

  • #
    David Maddison

    The Left don’t believe in free speech and are quite willing to do “whatever it takes” to silence critics. Hence their belief in censorship by legal or illegal means such as DDOS attacks. Conversely, conservatives and fellow rational thinkers believe in free speech.

    I wouldn’t put it past the Australian Left like Greens or Labor or even worse ratbag groups to do something like this (not saying they did, but such actions are consistent with their “do absolutely anything, legal, illegal or immoral” mentality to win office).

    And don’t forget, such Leftist groups are funded or supported by some of the world’s richest people, grifters heavily “invested” in “green” energy or Leftist union superannuation (retirement) funds or trade unions themselves.

    351

  • #
    David Maddison

    Jo, my perception is that the site is still under attack because when I reload a page or I post something, a blue bar at the top of my Samsung Internet Android phone browser takes a very long time to disappear indicating the page is taking a long time to fully load, even though everything superficially appears to be there.

    70

    • #
      Jon Rattin

      I usually visit this site on my iPad. Whenever I open a search tab, it appears in the first 2 or 3 “suggestions” based on regularly visited websites.

      Jo’s blog disappeared from the suggestions a couple of weeks ago and won’t feature amongst them even after visiting the site multiple times recently.

      Anybody else experienced similar activity on their device of choice?

      50

      • #
        Annie

        The ‘suggestions’ on my tablet were the ‘forbidden’ messages but I found that typing in the full address worked ok. I managed to get rid of those suggestions and now have the one that works….atm, anyway.
        My OH has just sent a few chocolates for you Jo. Thankyou Jo for your work.
        Not an ideal Easter for you, was it?

        70

  • #
    Vicki

    Gosh Jo, this is seriously concerning. We live in perilous times. Many of us have been writing to our newspapers of our concern re defence spending but our pollies have not made it central to the current election. Some movement recently but it is a bit late.

    May I say that your website is my go to site for current affairs of importance every day. That attempts have been made to close it down testify to its importance. I will be sending some assistance today and will make this a regular event.

    Thank you for your amazing work. Like many others, I am deeply grateful.

    360

  • #
    Steve of Cornubia

    Done.

    50

  • #
    Lance

    3 weeks of server chocolate. 🙂

    80

  • #
    Jarryd

    Can you put the site behind a CDN like Cloudfront? Possibly expensive, but there might be better providers too. Normal traffic will never hit your site because it is cached, saving costs in the long run, and they generally have DDoS protection built in.

    70

  • #
    David Maddison

    I think Leftists/warmists on this site should also donate.

    After all, Jo lets them come here to play and learn. In contrast, rational thinkers quickly get booted from “their” websites.

    Plus, we conservatives already pay taxes for their propaganda as delivered by 24/7 propaganda from Their ABC, SBS, CSIRO, BoM and other taxpayer funded agencies.

    People and organisations of the rational thinking community get no taxpayer funding.

    232

  • #
    Neville

    I’m sorry for your troubles Jo and hope things clear up soon.

    120

  • #
    David Maddison

    In Australia, apart from DDOS attacks, we have the additional threat to free speech imposed by the fake conservative Liberal appointed e Safety Kommissar who even tries (or does) censor our elected representatives.

    In fact we don’t even know what she is censoring because she is not required to publicly publish a daily (or any) report of what she has censored and why.

    Senator Babet wrote:

    https://x.com/senatorbabet/status/1910507622496899301

    I submitted a Freedom of Information request to the Office of the e-Safety Commissioner, and the response is in. It’s now confirmed that the e-Safety Commissioner attempted to have my content removed from Meta (Facebook/Instagram) and Twitter.

    This authoritarian overreach and censorship should not be directed at anyone, least of all a sitting Australian Federal Senator.

    The office of the e-Safety commissioner must be shut down immediately. Maybe Julie Inman Grant can call the CIA and finally take them up on that offer to be a spy.

    210

    • #
      Penguinite

      Sad times David! I don’t believe the Liberal collective want to win. If they did they would be putting up a better fight than we are currently witnessing. They have a nucleus but too much dead wood and LGBTQ types to forge a decent front. It’s a repeat of that Malcolm Turnbull created in order to unseat Tony Abbott. At this stage the best we can hope for is a hung parliament that keeps the Marxist Greens at bay for another three years

      130

      • #
        Strop

        A hung parliament does not keep the Greens at bay. Probably the opposite. It gives them more power and influence if either major party needs to haggle with them to get legislation through.
        Labor will be happy to given they share many agendas.

        120

      • #
        PeterPetrum

        Gee, Penguinite, a Labor minority government with the Greens would be significantly worse than a Labor majority government

        90

        • #
          KP

          “a Labor minority government with the Greens would be significantly worse than a Labor majority government”

          No, a necessary evil, the sooner we collapse the country the sooner we can get onto building it back. This slow strangulation by Labor & Coalition will kill generations, while if people see what a Green future really is like they can throw them out and never vote for them again.

          Who will stop the endless Govt welfare handouts?

          Who will stop the Govt borrowing?

          Neither are sustainable, do we default on our loans to overseas lenders? Do we become Argentina and flood the place with money and inflation, until we are Zim? It has gone past the point of ‘vote for the other party’, no party is going to fix this mess!

          20

  • #
    Graeme No.3

    I hope Paypal will accept my choice (I’ve had problems with it long before current difficulties).

    40

    • #
      David Maddison

      PayPal has been hostile to conservatives and other members of the pro-science community in the past.

      E.g.:

      https://reclaimthenet.org/paypal-debanking-covid-critics-usforthem-molly-kingsley

      Archive: January 24, 2025

      PayPal Admits Freezing Account Over Covid Mandate Criticism

      PayPal’s internal documents reveal a politically charged decision-making process behind Covid-era account closures.

      It seemed pretty obvious as it was happening – but now there appears to be proof that PayPal was punishing users for their Covid-era speech that didn’t align with official narratives.

      One of the critics of pandemic mandates that got “debanked” is UsForThem founder Molly Kingsley, who has been told by PayPal that her account got frozen because it was used to receive donations, and that was found to be outside the payment giant’s “acceptable use” rules.

      The parent campaign group and Kingsley were vocal critics of obligatory Covid vaccination of children, forcing them to wear face masks, as well as school closures.

      And now PayPal has spelled it out. The Telegraph reported the account was terminated because of “content published by UsForThem relating to mandatory Covid-19 vaccinations and school closures.”

      SEE LINK FOR REST

      141

    • #
      ExIronCurtain

      My PayPal chocolates worked, acknowledged gracefully by our fabulous host. Even though we had some controversy previously, I deeply respect and appreciate Jo’s work and intellect, as well as all participants.
      We need to keep this flame alive!

      30

  • #
    Greg in NZ

    No doubt your e-Karen Kommissar, J.I.G., will have her team looking into this online safety breach: with past overseas experience working for MS, the little blue birdy, Adobe, various other agencies & governments as well as We Eat Flesh affiliations, she is the right person in the right position at the right time to look the other way…

    Is there an election in your country soon?

    /sly

    150

    • #
      John Connor II

      I’m sure it will be #1 spot on the kommissar’s to-do list.
      NOT!

      As the world falls apart on schedule, DDOS attacks are climbing.
      Can’t have the truth out there now can we!
      Attacks up 53% for 2024 over 2023, and climbing.

      60

  • #
    LocalExistence

    A podcast discussion of the effect AI bots are having (from 1 m 45 s): https://latenightlinux.com/2-5-admins-242/ Links with more information are on that page. I’m not sure if that is what is affecting this site, but there may be some clues there.

    50

  • #
    no name man

    Onya Jo - give it to those scumbags; you can count on me to help.

    81

  • #
    Lawrie

    Congratulations Jo. You are obviously over the target to be attracting so much flak. We know the Chinese are bullies and this seems a typical bully tactic. I just wish that more people were aware that China is not our friend and neither is Albanese.

    201

  • #
    Ross

    Didn’t know what DDOS meant. So, looked it up. “Distributed Denial of Service”. I’m sure there are others who also didn’t know the meaning. I’ve also noticed one other thing. When I tick the box to have my name placed automatically into the next comment, it doesn’t work. That is, I still have to type it in next time. Choccies coming later. 😊

    80

  • #
    Tel

    There’s a lot of this going around lately. If you are using a major virtual hosting platform like AWS or Azure, they have a range of DDOS protection options available … not for free, obviously.

    Then you can look at using a Content Delivery Network (CDN) such as this list …

    https://www.cdnplanet.com/geo/australia-cdn/

    Those are not free either, but it’s a competitive market so prices should roughly reflect what it costs to implement.

    100

    • #
      Peter C

      What is an Edge Server and a POP?

      10

      • #
        Tel

        A POP means “Point of Presence” and that’s just shorthand to say there are some servers installed at that particular physical location.

        An “Edge Server” means it is setup to be as close to the end user (i.e. the browser) as possible. Suppose you are using VodaFumble on your phone, the data will go back to some TPG gateway and the ideal “Edge Server” would be installed right on the other side of that gateway … usually inside the TPG data centre and on their network. This requires cooperation from the major Internet companies in each city.

        The CDN will have multiple mirrors of the original content, making it faster to access. When working properly, your traffic goes to the closest Edge Server, taking the load away from the primary server. Most CDNs also protect themselves from DDOS in various ways.

        80

  • #
    OldOzzie

    Emergency Chocolates Done

    50

  • #
    Tel

    Firewall blocklists are another option … with various pros and cons. The basic idea is that all websites sign up and share their “bad boy” reports against any IPs that are hitting them. That gets shared into a central database (e.g. AbuseIPDB or similar).

    Once a day you download the blocklist and update your firewall configuration to efficiently prevent access from those sources. If a new server gets compromised it takes a while for all the reports to get correlated and the blocklist to be updated … therefore it isn’t a perfect solution. Also, you can end up temporarily blocking friendly traffic by accident, although there are mechanisms to make that unlikely.

    Here is a rundown. The advantage is that at least the lowest tier accounts are free and higher tiers don’t cost a whole lot.

    https://lowendspirit.com/discussion/7699/use-a-blacklist-of-bad-ips-on-your-linux-firewall-tutorial

    That gives the basic idea. If you have a commercial grade firewall like Fortinet, you probably have built-in integration for various blocklists. Just need to figure out how to enable it.

    80
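
The daily refresh described in the comment above, as an added example (not code from the commenter or the linked tutorial): it validates a downloaded feed, drops entries that would block friendly or internal ranges, and emits an `ipset restore` script that swaps the new list in atomically. The set name `blocklist`, the one-entry-per-line feed format, the /16 breadth limit and the sample feed and allowlist are all assumptions made for illustration.

```python
import ipaddress

# Ranges that must never reach the drop set, whatever the feed says.
ALWAYS_ALLOW = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                    # loopback, link-local
)]
MIN_PREFIX = 16  # assumption: anything broader than a /16 is a feed error

# Constructed sample feed (documentation ranges only), not real abuse data.
SAMPLE_FEED = """\
# constructed sample feed
192.0.2.7
192.0.2.7            # duplicate report
198.51.100.0/25
198.51.100.128/25    # adjacent halves collapse to one /24
203.0.113.40
0.0.0.0/0            # corrupt or hostile entry
10.1.2.3             # internal address
2001:db8::1
not-an-ip
"""
SAMPLE_ALLOWLIST = ["203.0.113.0/24"]  # constructed: e.g. an uptime monitor


def parse_feed(text, allowlist=()):
    """Return (networks, rejected) for a one-entry-per-line blocklist feed."""
    allowed = ALWAYS_ALLOW + [
        ipaddress.ip_network(a, strict=False) for a in allowlist
    ]
    keep, rejected = [], []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            rejected.append((entry, "not an IP or CIDR"))
            continue
        if net.version != 4:
            rejected.append((entry, "IPv6 needs a separate inet6 set"))
        elif net.prefixlen < MIN_PREFIX:
            rejected.append((entry, "prefix too broad"))
        elif any(net.overlaps(a) for a in allowed):
            rejected.append((entry, "overlaps allowlist"))
        else:
            keep.append(net)
    # collapse_addresses removes duplicates and merges adjacent ranges
    return list(ipaddress.collapse_addresses(keep)), rejected


def build_restore_script(networks, set_name="blocklist", min_entries=1):
    """Build input for `ipset restore` that replaces the set in one swap."""
    if len(networks) < min_entries:
        # An empty or truncated download must not wipe the existing set.
        raise ValueError("feed too small; keeping the current set")
    tmp = set_name + "-tmp"
    lines = [
        f"create {set_name} hash:net family inet -exist",
        f"create {tmp} hash:net family inet -exist",
        f"flush {tmp}",
    ]
    lines += [f"add {tmp} {net}" for net in networks]
    # swap is atomic, so the firewall never sees a half-loaded list
    lines += [f"swap {tmp} {set_name}", f"destroy {tmp}"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    nets, rejected = parse_feed(SAMPLE_FEED, SAMPLE_ALLOWLIST)
    for entry, reason in rejected:
        print(f"skipped {entry}: {reason}")
    # Pipe this output into `ipset restore`; a rule such as
    # `iptables -I INPUT -m set --match-set blocklist src -j DROP`
    # then applies the set.
    print(build_restore_script(nets), end="")
```
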

    • #
      Peter C

      Is it possible to register all current users and then a new user requires a vetting process to get approved?

      70

      • #
        John Connor II

        >Is it possible to register all current users and then a new user requires a vetting process to get approved?

        Yes, but it won’t do anything to fix the problem.
        Running a dark forum or blog (like I do) is a solution, but only members see anything. The public and search engines don’t know it exists.

        40

        • #
          Skepticynic

          >The public and search engines don’t know it exists

          So how does that work? By invitation I guess.

          10

        • #
          Peter C

          >Running a dark forum or blog (like I do) is a solution, but only members see anything. The public and search engines don’t know it exists.

          So that is a problem for sure.
          Not what I meant,
          Jo (and we) want to spread her message far and wide.

          00

  • #
    Robert Swan

    Surprised to hear it was/is a DDOS attack. Felt much more like a DNS “poisoning” problem. *If* I got in, it seemed to work fine for hours. OTOH, if I got the “Site under development” screen, or the “Rejected” error, I kept getting that for hours (with browser cache cleared).

    50

    • #
      John Connor II

      Were you redirected ?
      If so, where to?

      10

      • #
        Robert Swan

        No, it wasn’t like an http redirect, but it felt like a misdirect, frequently getting an Apache “it works but isn’t configured yet” page.

        Here’s the vague hypothetical explanation I had in mind:

        If you dns “host” joannenova.com.au you’ll see it has two IP addresses. In ipv4: 104.21.66.183 and 172.67.163.55. Both addresses are in CloudFlare space, and I guess this website is hosted on mirrored virtual servers and which one we get depends more or less on the toss of a coin.

        If some admin within the hosting network was configuring a new host, say for another customer, and had fat-fingered the IP address, stealing (say) 172.67.163.55, the people who got that address when trying to visit JoNova’s would get this partly-configured host. The other half would continue to see the correct content.

        That’s consistent with what I saw: sometimes worked perfectly and not slow at all; sometimes refused connection or the unconfigured Apache page.

        10

        • #

          Robert, the attacks seemed to come in waves that lasted a few hours. Perhaps that’s why it felt like once you got in you could stay in? But I’m open to suggestion about what else it was. Yes, Cloudflare is handling quite a bit of the traffic, and caching there can sometimes be an issue.

          30

          • #
            Robert Swan

            Jo,
            I’m a programmer, not a sysadmin, and don’t have any good suggestions. Was just expressing surprise.

            Would be interesting to know where that “Site under development” page was coming from. It might be lurking on your server and some Apache overload/misconfig/error led to it appearing rather than the front page. Might be good to customise that page with a “Something’s haywire today” message in case the problem ever happens again.

            10

          • #
            Tel

            I thought CloudFlare was already providing DDOS protection?

            https://www.cloudflare.com/ddos/

            I didn’t realize you were already using it … so surprising that the attacks would have still come through so easily.

            10

  • #
    Serge Wright

    In one sense the attack can be seen as a badge of honour, because you would only attack a site if you thought it was having an impact on public opinion.

    161

  • #
    Stanley

    Points of difference WRT Canadian elections:
    1. Voting is not compulsory
    2. Winner is “first past the post”. Non-preferential
    3. Electors must provide identification
    4. Electorates are called “ridings”
    5. Elections are held during the working weekdays. Never on Saturday
    6. Workers get time off (full day AFAIK) to vote though many choose to not vote
    7. Little wonder their national anthem is “Oh, Canada!” Ey!

    Stanley Park

    120

  • #
    Tides of Mudgee

    Hi Jo, have now tried about 8 or 9 times to buy chocolates via Paypal. They require a verification code which they send via email and none has come through. I don’t do internet banking, but will keep trying. Maybe Paypal’s been got at too. ToM

    20

  • #
    el+gordo

    Paul Homewood (Not a lot of people know that) was also impacted, so we are looking at a test in preparation for a more hostile act. Changing the avatars was a nice touch.

    30

  • #
    John Connor II

    It was inevitable, considering the truths revealed.

    Presumably you already use a mitigation service like Cloudflare?

    As I’ve said more than once, you should run an offshore server and/or a substack.
    Cheaper and a backup or mirror should the primary site be attacked.

    Some tips here:
    https://www.zdnet.com/article/how-to-protect-your-site-from-ddos-attacks-before-its-too-late/

    40

  • #
    YallaYPoora Kid

    Done – keep up the good fight!

    40

  • #
    Vicki

    Have sent chockies. All the best, jo.

    30

  • #
    ozfred

    Australian paypal was amazingly cooperative
    Keep up the freedom of expression banner flying

    30

  • #
    PeterPetrum

    Large box of chocolates on the way, Jo. Let us know when they are all done.

    30

  • #
    Old Goat

    Jo,
    It would seem you have hit the big time. You have stung them into action. I would suggest you consider merch. Happy to help…

    50

  • #

    Until recently visitors from China to my web site, climateauditor.com were rare but now they are every day or two and I feel sure that they are done with the approval of the CCP.
    I also believe that our PM is a closet Communist. He was born to an unmarried mother so no father or siblings during childhood. He lived in a council flat with Mother and Grandparents dependent on welfare benefits and age pension. At 16 years of age, he joined the Far Left of the ALP which was associated with the Australian Communist Party until banned. To be accepted by others, ‘the privileged’, he learnt to tell them what they wanted to hear which held no relationship to what he intended to do, and still does.
    Once having achieved the position of PM, he has been advised by the Uniting Front of the CCP on how to ruin our economy, by purchasing useless wind-farms and solar panels, and cripple our defense services.
    My data analysis clearly shows that CO2 induced climate change and global warming is a HOAX propagated to collapse capitalism due to fossil fuel use being the driver of its success with its reliability and low cost.
    Our Nation is in grave danger especially as Australia has one third of the World’s reserves of uranium which the CCP want to use in creating atomic weapons and threaten the rest of the free-World.

    90

    • #
      KP

      “Our Nation is in grave danger especially as Australia has one third of the World’s reserves of uranium which the CCP want to use in creating atomic weapons and threaten the rest of the free-World.”

      Seriously?? I’m the one with the CIA shades on here!

      Western propaganda aside, China has no need to threaten the rest of the world with anything, they are about to inherit the position currently occupied by a failing America, formerly occupied by a failed UK, and they don’t have to try! So long as people buy their manufactured products they can buy the rest of the world. America did it by printing the reserve currency, China will do it by hard work.

      If anyone wants atomic weapons it will be the Yanks, as their empire thrashes around in its death throes and they refuse to admit it.

      PS- Your “free world” should be in speech marks, there is nothing free about any of the Western countries! Just try criticising the religion that goes to Mecca, or writing your ideas on Facebook, or praying outside an abortion clinic, or telling someone in the street what you think while a cop is in earshot.. ..or reading a page on the internet that the Govt Censor doesn’t want you to see!

      12

  • #
    el+gordo

    It’s the CCP and ‘little pinks’ in foreign countries.

    ‘The most distributed denial of service (DDoS) originated country in the world is China followed by US, UK, France, Korea, Singapore, Japan, Vietnam and Germany.’ (ResearchGate)

    20

  • #
    Miasma

    Quite a clumsy ploy to fill the tip jar Jo !.

    07

  • #
    Dave

    Can’t afford it this fortnight Jo,
    But very soon a small box of chocolates will be sent.

    20

  • #
    John PAK

    Just adding my suspicious mind to the day.
    If I wanted to do a drive-by shooting of some enemy I would not hire a shady bikey gang but persuade/pay someone to hire a third party to do the job and I’d stipulate how and where the stolen vehicle was to be burned (i.e. nowhere near where I live). I’d leave no trace of me but generate a plausible set of “finger-prints” to some likely lads.
    Just because many of the ‘net hits came from China does not mean it was them. I reckon JoNova is bang on target with many topics.
    Whose feathers have been ruffled?
    Who stands to lose?

    30

    • #
      KP

      “Whose feathers have been ruffled? Who stands to lose?”

      Absolutely! Who has the incentive to silence Jo?? Certainly not the Chinese, they have no reason to give a fk. There are enough $trillions sloshing around in semi-Govt Depts in the USA to help out a bro in Australia…

      As you say, if it looks like it came from some country, it most probably didn’t!

      30

  • #
    John PAK

    On a happier note: the pope is no longer able to trouble anyone and sualK bawhcS has stood down from that We Eat Flesh outfit and is under investigation by his own kind for mis-use of their funds among other things.

    40
