What is happened to the forum?

[redsn0w]

As the title said : What is happened to the forum?

[Welsh]

DDOS. Probably expect this to continue throughout today, possibly tomorrow. A lot of people are suggesting cloudfare, hopefully we won't have to resort to using it.


https://twitter.com/bitcointalk/status/583461844192370689

[redsn0w]

DDOS. Probably expect this to continue throughout today, possibly tomorrow. A lot of people are suggesting cloudfare, hopefully we won't have to resort to using it.


https://twitter.com/bitcointalk/status/583461844192370689

Oh ok, cloudfare is a good option and I don't understand why this forum doesn't use it.

[Riley Nico]

this is april fool's day

[dothebeats]

DDOS. Probably expect this to continue throughout today, possibly tomorrow. A lot of people are suggesting cloudfare, hopefully we won't have to resort to using it.


https://twitter.com/bitcointalk/status/583461844192370689

Cloudfare? I don't think we need that service for this forum tbh. It's just that the forum software is a little bit outdated but can still stand some security threats. The last time I remember that we experienced similar issue was dated January. Hope this attack doesn't persist and the forum may once again be stable.

[Pushtheghost]

Site was running very slow for some hours and there was lots of loading troubles. Seems to be resolved, for now at least, but it must have been a pretty powerful DDoS attack in the first place to bring the site down for so long.

[randy8777]

i couldn't get access to bitcointalk since yesterday. finally it's back but i hope it stays online now.
if it is a ddos attack what's the purpose of that attack beside getting the site offline? stealing data?

[dothebeats]

Site was running very slow for some hours and there was lots of loading troubles. Seems to be resolved, for now at least, but it must have been a pretty powerful DDoS attack in the first place to bring the site down for so long.

At first I thought that the site has overhauled the old software and replaced it with the new one, but things turned out wrong for me. I've asked a couple of questions to the people in #bitcoin freenode then directed me to a tweet regarding a dos attack. Well tbh, I was quite surprised on the duration of the attack. If I'm not mistaken, it's been 10 hours before the forum went back online.

i couldn't get access to bitcointalk since yesterday. finally it's back but i hope it stays online now.
if it is a ddos attack what's the purpose of that attack beside getting the site offline? stealing data?

The intentions of the attackers and their identity, along with their purpose on attacking is not yet known.

[hilariousandco]

It's because the forum has aids and its own immune system is eating itself alive.

this is april fool's day

That was yesterday. I don't think shutting down the site would be a very good April fools. Though maybe next year stick one of those FBI this domain has been seized notices on the front. That would be pretty funny.

[Jeremycoin]

this is april fool's day

It's yesterday, not today -.-
But I guessed it too before I read the tweet

[Welsh]

Oh ok, cloudfare is a good option and I don't understand why this forum doesn't use it.

It's ok. But, you have to rely on a third party which is the dealbreaker in my opinion.

Cloudfare? I don't think we need that service for this forum tbh. It's just that the forum software is a little bit outdated but can still stand some security threats. The last time I remember that we experienced similar issue was dated January. Hope this attack doesn't persist and the forum may once again be stable.

Well, even with new forum software it won't really improve protection against DDOS attacks. More/better hardware will, there's certain things you can do, but theymos has pretty much already covered most of the little things you can do to prevent DDOS attack. There's been plenty of discussion on this previously where theymos has asked for advice on protection from DDOS. I can't seem to find the thread yet.

[dothebeats]

Oh ok, cloudfare is a good option and I don't understand why this forum doesn't use it.

It's ok. But, you have to rely on a third party which is the dealbreaker in my opinion.

Cloudfare? I don't think we need that service for this forum tbh. It's just that the forum software is a little bit outdated but can still stand some security threats. The last time I remember that we experienced similar issue was dated January. Hope this attack doesn't persist and the forum may once again be stable.

Well, even with new forum software it won't really improve protection against DDOS attacks. More/better hardware will, there's certain things you can do, but theymos has pretty much already covered most of the little things you can do to prevent DDOS attack. There's been plenty of discussion on this previously where theymos has asked for advice on protection from DDOS. I can't seem to find the thread yet.

The security holes--even the tiniest ones--should be covered and be immediately taken care of. Valuable and sensitive information might be compromised once another security threat or attack occurs. I really, really, just hope that the new forum software is that secure so as to prevent another issue like this to happen again.

[redsn0w]

Oh ok, cloudfare is a good option and I don't understand why this forum doesn't use it.

It's ok. But, you have to rely on a third party which is the dealbreaker in my opinion.

Cloudfare? I don't think we need that service for this forum tbh. It's just that the forum software is a little bit outdated but can still stand some security threats. The last time I remember that we experienced similar issue was dated January. Hope this attack doesn't persist and the forum may once again be stable.

Well, even with new forum software it won't really improve protection against DDOS attacks. More/better hardware will, there's certain things you can do, but theymos has pretty much already covered most of the little things you can do to prevent DDOS attack. There's been plenty of discussion on this previously where theymos has asked for advice on protection from DDOS. I can't seem to find the thread yet.

I think theymos can "accept" a sort of compromise to improve the "security" of this forum, or maybe he is waiting to the new forum software and after he will use cloudflare.

[dothebeats]

Oh ok, cloudfare is a good option and I don't understand why this forum doesn't use it.

It's ok. But, you have to rely on a third party which is the dealbreaker in my opinion.

Cloudfare? I don't think we need that service for this forum tbh. It's just that the forum software is a little bit outdated but can still stand some security threats. The last time I remember that we experienced similar issue was dated January. Hope this attack doesn't persist and the forum may once again be stable.

Well, even with new forum software it won't really improve protection against DDOS attacks. More/better hardware will, there's certain things you can do, but theymos has pretty much already covered most of the little things you can do to prevent DDOS attack. There's been plenty of discussion on this previously where theymos has asked for advice on protection from DDOS. I can't seem to find the thread yet.

I think theymos can "accept" a sort of compromise to improve the "security" of this forum, or maybe he is waiting to the new forum software and after he will use cloudflare.

Though cloudfare is a good service you can rely to in terms of security, still it is another thing if you entrust the security to a third-party service. Maybe theymos had thought about how to prevent such attacks in the future, and may also ask the devs that are working on the forum software to add some codes that will help the security of the forum.

[(oYo)]

I thought it might have been due to some problems with the re-enabling of avatars.

Seems like we're still in April Fools' mode.

[dothebeats]

I thought it might have been due to some problems with the re-enabling of avatars.

Seems like we're still in April Fools' mode.

Probably not. The bitcointalk account in twitter posted earlier that the forum indeed is under a ddos attack. And the fact that the forum changed its ip address tells us that there had been really a problem earlier.

[wtogami]

The forum was under a big DDoS attack.  theymos has long resisted the idea of protecting the forum with the most cost effective DDoS protection providers like Cloudflare because doing so hands the SSL private keys to a 3rd party company and increases the privacy risk of the users.  Instead he decided to try hosting at another provider with automatic DDoS mitigation where theymos continues to directly control the SSL certificate.  This provider is considerably more expensive than Cloudflare, which he considers necessary to protect the users.  It remains to be seen if their service is reliable and worth the cost.

[Lauda]

I think theymos can "accept" a sort of compromise to improve the "security" of this forum, or maybe he is waiting to the new forum software and after he will use cloudflare.

Though cloudfare is a good service you can rely to in terms of security, still it is another thing if you entrust the security to a third-party service. Maybe theymos had thought about how to prevent such attacks in the future, and may also ask the devs that are working on the forum software to add some codes that will help the security of the forum.

Honestly I don't remember a time when Cloudfare actually helped. I usually see that warning which says that the site is down. Looks like Bitcointalk doesn't need it, it's not really that useful and gives room for exploitation.

As the title said : What is happened to the forum?

One could have figured that out just typing the url in Chrome (depending on the message that you're getting). Hopefully we don't overflow with threads about this.

[EvilPanda]

It was probably one of the speculation trolls angry went up yesterday instead of following their predictions and going below $200, or somebody was really serious about making fools' day prank. 
I'm glad it's working again.

[dothebeats]

I think theymos can "accept" a sort of compromise to improve the "security" of this forum, or maybe he is waiting to the new forum software and after he will use cloudflare.

Though cloudfare is a good service you can rely to in terms of security, still it is another thing if you entrust the security to a third-party service. Maybe theymos had thought about how to prevent such attacks in the future, and may also ask the devs that are working on the forum software to add some codes that will help the security of the forum.

Honestly I don't remember a time when Cloudfare actually helped. I usually see that warning which says that the site is down. Looks like Bitcointalk doesn't need it, it's not really that useful and gives room for exploitation.

As the title said : What is happened to the forum?

One could have figured that out just typing the url in Chrome (depending on the message that you're getting). Hopefully we don't overflow with threads about this.

It took me almost forever to load the site earlier. But it seems like the issue was now fixed. Btw, are there any info as to where the attack originated? I'm kinda curious.