Would love to know more about yesterday’s mastodon.social DDoS attack. So many people use that instance, when it’s slow we notice. In this case, it actually revealed a bug in Micro.blog, sending too many requests to Mastodon. Feel bad that it probably wasn’t helping their server.

It wasn’t only mastodon.social. All of Germany was attacked, it seems, by Russian hackers.

@renevanbelzen How disappointing. Is there a write-up about the attack somewhere?

@manton According to the Patreon Discord, there were multiple IPs (mainly from DigitalOcean but some from residential IPs) initially sending bad HTTP Method requests. It stopped for a while (when firewall rules were being put in place) but then resumed looking like standard requests to /explore and /, with 100+ different IPs in a 10k request block. There's now improved rate limiting and filtering in place.

@pratik Luckily it appears not. 🙂 Micro.blog’s requests are also mostly authenticated and shouldn’t look suspicious.
