What has been up with lemmy.world lately?
What has been up with lemmy.world lately?
At this point, many people have been bailing from the server due to the uptime issues. What's the rub?
They're being targeted for constant DDoS attacks. Could be multiple reasons. But the takeaway should be to spread out evenly through the fediverse. Don't all pile into .world (as I post this on my .world account).
106Any recommendations other than .world?
13I've been going to sh.itjust.works. You can find a list of other instances here as well.
18Lemm.ee works
9Lemmings.world - so far a small instance with big heart!
7Lemmy Explorer can help give a big picture view of what's out there, both in instances and in communities. Kbin instances are also viewable, you have to select them from the top right menu.
6Been on kbin.social for a month and it's been pretty solid. Note it's a different platform than lemmy (designed to read both lemmy and mastodon), but does a great job posting to and handling the content from lemmy platforms. There's growing pains here too, but the uptime has been good.
3just find a regional one run by a committed nerd
1
The big reason for being a target is the size. Why attack smaller ones with less effect? Like making a virus for anything besides Windows. But maybe the long term benefit is the movement of some to other instances, balancing out the loads.
9The DDoS is coming from inaide the server 👀
2
My guess, some loveless planarian with a botnet felt they didn't get enough attention from mommy and decided to hit .world with a couple DDOS attacks.
38They were getting hit with a lot of DDoS attacks a week or two ago, that may still be going on. Also they took off faster than most instances so a lot of this is just growing pains.
many people have been bailing from the server
That's not a bad thing, the content is shared between instances so you can get it on the other sites too. People going to other sites will hopefully help balance the load and possibly help with the growing pains. I haven't created an account on another instance yet, but I've been visiting other instances when .world goes down.
30One claim is DDOS attacks, another claim is that the servers are too small for the massive amount of people that recently adopted lemmy
I'd love to know which is true just because .. . . it's fun to know details
26Massive amounts of organic traffic to too small a server technically is a DDOS, even if unintentional rather than malicious. So, both to varying degrees, probably?
15It's DDOS. The admins for World have explicitly said so, and even said exactly how the attacks have been perpetrated by exploiting calls that require a lot of processing time to overload the server.
2The numbers are quite open at the maintenance community. Unless most users just decide to visit it together every day, there's a DDoS going on.
1
Growing pains. It's ok we'll pull through.
11Worse then that.
Theyre more then three times the size of the next lemmy instance which creates an attack surface.
6
4 hours to post this?
DDOS? Cloudflare is supposed to stop that. I see a lot of cloudflare errors.
lemmy world status shows 292 instances in the past 8 days! Elevated response times and system resources repeated endlessly.
Insufficient RAM and CPU are my main suspicion due to explosive growth. Parts aren't cheap but are needed.
How can we help with funding?
Subscriptions? - NO. This is not a commercial endeavour.
Donations? - Maybe. One off donations with no further commitment. Obviously, donate again if you want to.
Go Fund Me? - Possible but who sets it up. Possible fraud?
10How do you tell a ddos from legitimate traffic?
9It's like a fun* little cat and mouse game, you figure out the patterns to block specific traffic, then they adapt and you start again. I even saw some users comment the other day they were being hit with false positives and blocked because the blocking was too aggressive. Fortunately there are companies that specialize in this kind of stuff like cloudflare. But that costs money so it wasn't added until just recently, so it's possible attacks are still getting around that.
*obnoxious
5that's the neat part, you don't.
or at least, not easily.
4Various clues, like what URLs they are requesting, what IPs/regions it's from, if it appears to be real clients based on user agent and ability to execute javascript, and so on.
2
I've hopped to another server due to the abysmal uptime of late. I'll continue checking in though. I know they're working on adding sysops so I'm sure things will improve.
8Really sucks that some dummies would attack lemmy like this.
7Yeah I'm just trying to watch cat vids and those dank memes
1
I left because of the executive decision to defederate from hexbear.
7I'm sure there'll be plenty of others who do the same. Really odd decision.
4
I wish the admins would come out and give an update as to what is going on.
I wish I could migrate my account to another instance.
6You can, sort of.
Use LASIM to download your subbed communities next time lemmy.world is up. Make a new account on another instance. Upload your communities to the new account with LASIM.
Unfortunately, posts/comments don't go - but you can do like me and just leave a trail between your accounts (if you care enough). I just link to and from my old/new accounts in the bio each time I make one. It's a little janky, but it works - and it's better than waiting hours for lemmy.world to be up for 12 minutes before going down again.
6There is a status page that tracks the downtime, it's not totally detailed but gives a bit of information about the problem they're dealing with. The last 2 days of logs are particularly bad 14+ hrs of partial downtime.
3
Also another thread on the topic : https://lemmy.world/post/2856311
It's in !fediverse@lemmy.world , named "When you notice Lemmy is quieter than usual, then have a look at the Lemmy.world status"
3