Gab Under Attack: The DDOS on January 23rd fosco, January 24, 2023January 24, 2023 Share this: On Monday, January 23rd around 3:30pm, we received a few odd emails, claiming to have found a vulnerability in our site. The email basically said go ahead and check, your site is down, pay us a small amount in Bitcoin and we’ll give you the solution. We work with bug bounty engineers all the time who report things to us and then we reward them with a bug bounty payment. This is a normal practice for most platforms of our size, but this was different. This was an extortion attempt. We checked the site, which was still online, and found no vulnerabilities. Fifteen minutes later though a massive DDOS (Distributed Denial of Service) attack started and brought the site to a crawl and things started timing out. We can’t be certain these things are connected, and I can make a decent argument they are not; A DDOS is not a site vulnerability in the usual sense of the word, and it’s not something where you would pay a ransom for a “solution”. We think it’s more likely this was yet another state sponsored attack against the strongest bastion of free speech. The attack was the largest, longest, and most distributed attack we’ve ever faced. For 8 straight hours, more than 12x the normal traffic we’d expect on a Monday was attempting to make requests to the site. The attack was coming from thousands of IP addresses from just about every country on the planet, along with US cloud providers like Google and Oracle and hosting providers like Digital Ocean and Linode. We got a pretty good handle on it within the first 30 minutes, but new sources and countries would appear and spike for the rest of the day causing occasional slowness. We played whack-a-mole and continued to implement temporary blocks and rate limits, focusing on providing a good experience for our core audience of US viewers.During the event, we had 1.5 Billion hits to the site. The largest share of attacks came from IPs in: Indonesia, Russian Federation, Brazil, Hong Kong, Mexico, Tor, South Korea, India, Singapore, Germany, Colombia, Ukraine, Argentina, Japan, Ecuador, and the list goes on. We’ll continue to improve our infrastructure and software stacks to be able to handle these sort of attacks better, but we’re quite happy with our performance on this one. Imagine being the idiots behind this attack which barely affected us and instead galvanized the user base against the likely perpetrators.Consider helping us spread the good word about Gab to new users by telling a friend, subscribing for GabPRO, or grabbing some merch from our shop. We’re only able to fight off attacks like this because of support from people like you which helps us continue to grow our in-house infrastructure. Fosco MarottoCTO, Gab.com Uncategorized andrew torbagab
Uncategorized Social Media “Influencer” Culture Is Crap November 27, 2020November 27, 2020 Share this:I have already written extensively about social media “influencers” and why these people don’t support or join Gab despite years of incessant whining about Big Tech censorship–on Big Tech platforms. Read More
Uncategorized Meet The Shadowy Company Behind The Failed Iowa Caucus App, Along With Its Connections To Mayor Pete February 4, 2020February 4, 2020 Share this: Read More
Uncategorized Get President Trump On Gab.com January 6, 2021January 7, 2021 Share this:I’m going to be upfront with you: Gab is growing fast. Our growth is already up 120%+ in 24 hours alone. We need to massively expand our server capacity and very quickly. We need your help to do it. Additionally, I am in the process of connecting with President Trump’s… Read More