More DDOS(?) traffic 19/5/25
More DDOS(?) traffic 19/5/25
We've seen some issues with AZ again today. On investigating it looks like more DDOS/abuse traffic from overseas. I've applied the same sort of block as last time we saw this, and things appear to have returned to normal..
The sharp drop is when the "attack" started, the jump is when it was blocked... the red line is blocked requests.
Are the requests from a single source?
IP? No. Country, ASN and user agent? Yes. Which now will receive a captcha.
I may have pissed off the users from that other Australian Lemmy instance today. I hope that didn't cause it.
Could be a scraper? But it doesn't sound much like one if the user agent wasn't clear, or suspicious. A DoS attack would probably be making an odd request, intended to waste the most resources possible.