Cloudfare

tactica · 06 Mar 2024, 16:51

I suppose I'm not the only one who noticed that now we're required to pass a Cloudfare challenge before accessing DT. Looks like the latest move from our benefactors.

I also noticed that right after the daily downtime when everything throws an nginx error you have to log in again, at least with Firefox.

Muirium · 07 Mar 2024, 14:05

Yes and getting logged out continuously on Safari on my phone. Nice!

sliceoflemon · 07 Mar 2024, 15:44

My 2 cents on this -

People in general only put their sites behind Cloudflare for 2 reasons :

a. caching
b. DDOS protection

Setting up your site with Cloudflare doesn't mean that by default you will always have it check if you're a bot each time anyone connect to it, like DT does now. Someone had to turn that function on manually. Given that fact, I'd guess b) is the answer, or at least the main reason for them doing this. It could be both, of course.

That would then seem to imply that whoever did this may think the site has a problem with DDOS attacks. Perhaps this is their perception of why the site keeps going down?

As for the problems you are facing, they are using Cloudflare in proxy mode (check the IP address of deskthority.net - you will see it now resolves to 2 Cloudflare IPs instead of the German cloud provider's IP that it used to resolve to). In proxy mode, Cloudflare sits in front of the actual server and then forwards the traffic to the actual server hosting the site. It is actually one of the default settings for Cloudflare. However, not everything works properly with proxy mode turned on. My guess is that the authentication system for the site is likely incompatible with it, which is why you keep getting logged off.

Muirium · 07 Mar 2024, 17:02

I had hoped it meant "we are sold at last! maybe the new guy will be better…"

But yeah, the cack-handed way it's been implemented just looks like a quick and dirty patch by someone who doesn't understand the (pretty basic) problem and certainly doesn't fancy actually talking to the community about it. Checks out.

depletedvespene · 07 Mar 2024, 19:02

Well, the site is not losing my login every few minutes anymore, so I'll call this a step in the right direction.

Besides, the idea that Cloudflare determines I am, indeed, a Human being provides me with a modicum of comfort.

soyuz · 07 Mar 2024, 19:14

In a wild turn of events, onecommerce people are posting in the Keyboard Institute discord about Deskthority rather than like, actually updating people about the website on the website, so I'll relay it.

Muirium · 07 Mar 2024, 20:05

China wants us DOWN, apparently. Hokay…

jsheradin · 07 Mar 2024, 20:09

Cloudflare broke a DT Telegram bot which is how a good chunk of spam posts were dealt with.

Would be nice if the forum owner would bother popping in to say hello rather than hanging out on a Discord server that's not even affiliated with Deskthority. You'd think a company burning as much money as OneCommerce could afford to hire a part time web admin and maybe do something about the dozen new spam accounts each day.

depletedvespene · 07 Mar 2024, 20:26

Muirium wrote: ↑
07 Mar 2024, 20:05
China wants us DOWN, apparently. Hokay…

Makes perfect sense. China can't force the world to buy their spyware-laden keyboards if pesky little forums like this keep resucitating vintage keyboards and putting them to good use.

keyboardjoy · 07 Mar 2024, 21:13

jsheradin wrote: ↑
07 Mar 2024, 20:09
Cloudflare broke a DT Telegram bot which is how a good chunk of spam posts were dealt with.

Would be nice if the forum owner would bother popping in to say hello rather than hanging out on a Discord server that's not even affiliated with Deskthority. You'd think a company burning as much money as OneCommerce could afford to hire a part time web admin and maybe do something about the dozen new spam accounts each day.

Hi hi! Somehow I thought everyone was on the Discord but evidently no. We've been under DDoS attack for a few weeks (hence the error page you may have seen on and off). The quick fix I turned on was to add cloudflare which worked successfully (already took a few days to figure out what the issue was). Now I'm trying to make it less aggressive. I've been working on a few interesting things for DT, hopefully will keep releasing changes.

sliceoflemon · 07 Mar 2024, 22:30

soyuz wrote: ↑
07 Mar 2024, 19:14
In a wild turn of events, onecommerce people are posting in the Keyboard Institute discord about Deskthority rather than like, actually updating people about the website on the website, so I'll relay it.

I've actually noticed something similar on one of the servers I manage. The traffic is from random Alibaba Cloud blocks. I've only been able to look at it briefly but the only patterns I've noticed are that :

it hits odd URLs that normally wouldn't be accessed directly
there is no referrer

I can't tell what the purpose of that traffic is right now but it looks more like it is scraping data than attempting a DDOS attack. In general, I've seen an increase of traffic from China based cloud IP addresses over the past year or so on the servers I manage and the behaviour changes randomly. For example, there is a China based bot called Petalbot that suddenly appeared somewhere in the last 2 years. It's traffic ranges from fairly benign indexing from a few IP addresses to suddenly massively hammering your server from various random IP ranges at the same time. It's hard to tell what on earth they are up to.

tactica · 08 Mar 2024, 01:44

soyuz wrote: ↑
07 Mar 2024, 19:14
In a wild turn of events, onecommerce people are posting in the Keyboard Institute discord about Deskthority rather than like, actually updating people about the website on the website, so I'll relay it.

Thank you for that. Can't say I'm surprised.

On the up side, the site is no longer going down so I suppose having to log in every 5 minutes if you forget to refresh the page often is a small price to pay.

tactica · 08 Mar 2024, 02:05

keyboardjoy wrote: ↑
07 Mar 2024, 21:13
I've been working on a few interesting things for DT, hopefully will keep releasing changes.

While you're tightening security, would you have some time to upgrade Mediawiki to the latest version? It would involve upgrading the database software as well as PHP. The version installed is so old (6 years old now) that you would have to upgrade to one intermediate version first (see here).

keyboardjoy · 08 Mar 2024, 15:10

sliceoflemon wrote: ↑
07 Mar 2024, 22:30

soyuz wrote: ↑
07 Mar 2024, 19:14
In a wild turn of events, onecommerce people are posting in the Keyboard Institute discord about Deskthority rather than like, actually updating people about the website on the website, so I'll relay it.
I've actually noticed something similar on one of the servers I manage. The traffic is from random Alibaba Cloud blocks. I've only been able to look at it briefly but the only patterns I've noticed are that :

it hits odd URLs that normally wouldn't be accessed directly
there is no referrer

I can't tell what the purpose of that traffic is right now but it looks more like it is scraping data than attempting a DDOS attack. In general, I've seen an increase of traffic from China based cloud IP addresses over the past year or so on the servers I manage and the behaviour changes randomly. For example, there is a China based bot called Petalbot that suddenly appeared somewhere in the last 2 years. It's traffic ranges from fairly benign indexing from a few IP addresses to suddenly massively hammering your server from various random IP ranges at the same time. It's hard to tell what on earth they are up to.

Most data scrappers send a reasonable amount of requests to not get blocked, these guys have been sending 100 requests per second with no signature with the name of the scraper in the header :/

soyuz · 08 Mar 2024, 15:24

when the keyboardjoy

keyboardjoy · 08 Mar 2024, 15:55

tactica wrote: ↑
08 Mar 2024, 02:05

keyboardjoy wrote: ↑
07 Mar 2024, 21:13
I've been working on a few interesting things for DT, hopefully will keep releasing changes.
While you're tightening security, would you have some time to upgrade Mediawiki to the latest version? It would involve upgrading the database software as well as PHP. The version installed is so old (6 years old now) that you would have to upgrade to one intermediate version first (see here).

Good idea! That's the next one on the list!

keyboardjoy · 08 Mar 2024, 15:58

soyuz wrote: ↑
08 Mar 2024, 15:24
when the keyboardjoy

It's impressive that there's a bigger hatebase against oliver than fanebase towards DT.

Julle · 08 Mar 2024, 17:49

My home IP got randomly banned on DT this morning after the Cloudflare challenge. I have no idea what triggered it. This afternoon the ban was apparently reversed.

EDIT: Never mind, it's banned again.
EDIT 2: It's been fixed, thank you!

photekq · 08 Mar 2024, 19:55

On mobile, I get this on a neverending loop:

tactica · 08 Mar 2024, 21:10

keyboardjoy wrote: ↑
08 Mar 2024, 15:55
Good idea! That's the next one on the list!

While you're at it please re-enable the InstantCommons feature so we can again use the pictures freely available at Wikimedia Commons. At some point years ago this was disabled and now some links are broken. Having to download the pictures separately, specify a license, etc. would be plain stupid and it would take more resources.

Thanks.

tactica · 11 Mar 2024, 17:40

@keyboardjoy

Any updates on the cookie issue? It's driving me nuts trying to edit the wiki.

Edit: Problem has been solved since at least 2 days now.