OSArch community website is being DDoSed

Comments

• dimitar

  July 2024 edited July 2024

  @Moult said:
  G'day all! We were down for the past couple of days due to a DDoS attack. I got a notification from our hosting provider and initially decided to wait for 24 hours to see if it was just a one-off and would finish by itself. After 24 hours and it still continuing, with @dimitar 's help we have now switched to using Cloudflare for DNS and hopefully this'll mean that if we get any future DDoS attacks we'll be able to handle them.

  Thank you for fixing this Dion! Curious, why in the world would someone want to attack community.osarch.org?
• Moult

  July 2024 edited July 2024

  No idea. Maybe just bad luck. I can see stats from Cloudflare of certain countries originating the attacks but I don't think it's meaningful. I actually ended up having to migrate servers (again) so we're now no longer on shared hosting but instead on a VPS. The attack is sporadically ongoing it seems and Namecheaps tiny shared hosting plan is no longer an option :)

  Please be on the lookout for any odd behaviour in case I messed up the migration :)
• Nigel

  July 2024

  it's started again... JOJOBET
• Nigel

  July 2024

  @Moult Hi, uploading files is failing, is this a measure (temporary) in dealing with this DDoS incident or is it me?
• Moult

  July 2024

  @Nigel thanks, uploading files should work now. It was unrelated to the DDoS incident. There seem to be intermittent DDoSing still occurring so we'll just keep watch.

  
• Moult

  July 2024 edited July 2024

  Just an update that not only are we still being DDoSed (it comes and goes), we are also receiving a lot of spam, and in addition this means that users get notifications about these spam threads, and then we get reported to our VPS provider about being a phishing website as another attempt to take us down. Yikes!

  1. If you are an active, trusted community member, please delete spam as soon as you see it. If you don't have access, reach out in the OSArch live chat and I'll give you access.
  2. We're changing security questions and so on to try and prevent dodgy signups. We already have recaptcha. For the time being, all new registrations require manual approval. This is the strongest action we can take.
  3. Enabled akismet spam filtering for all posts except for explicitly verified users.
  4. We've added a warning message at the top of the forums telling people of what's ongoing. This helps prevent innocent bystanders thinking we are truly a purveyor of dodgy online content and we are addressing legal and abuse complaints being sent to our hosting provider.
  5. Enabled a warning to users if a link in a post will cause them to leave the forum.

  
• Nigel

  July 2024 edited July 2024

  you could ask a couple of questions about IfcCovering with answers that can only be found on the BSi website even AI powered bots won't figure that out ;)

  
• Moult

  July 2024

  "Which deprecated class in IFC4 should no longer be used to assign surface styles to representation items?"

  Actual human: "What? Huh?"

  Spam bot:

  In the IFC4 specification, the deprecated class that should no longer be used to assign surface styles to representation items is IfcSurfaceStyleRendering. This class was commonly used in earlier versions of the IFC schema to apply visual styling to geometric models. However, it has been deprecated in favor of a more structured approach using other elements within the IFC schema to handle appearances and materials more effectively.

  For current IFC4 implementations, the recommended practice is to use IfcPresentationStyleAssignment along with IfcStyledItem to assign styles. These classes allow for a more flexible and detailed specification of the appearance of objects within the IFC model, accommodating a range of visual effects and material definitions.

  Both are wrong :)

  
• Nigel

  July 2024

  tic tac toe