Go Back  FlyerTalk Forums > Support&Services > Technical Support and Feedback
Reload this Page >

Periodic FT issues (crash, Cloudflare, database errors) - DDoS attack, cf wiki

Periodic FT issues (crash, Cloudflare, database errors) - DDoS attack, cf wiki

    Hide Wikipost
Old Jan 4, 19, 1:52 pm   -   Wikipost
Please read: This is a community-maintained wiki post containing the most important information from this thread. You may edit the Wiki once you have been on FT for 90 days and have made 90 posts.
 
Last edit by: JDiver
Wiki Link
FlyerTalk Up, Down, Crash, DDoS, Database Error, etc.

Thursday July 26, 2018, FlyerTalk was under a DDoS / Distributed Denial of Service attack; it seems to be persisting since then. Cloudflare services are keeping the site up, but you may see errors, page call intercepts and delays while the attack is ongoing.

If you are posting content, select all and copy prior to saving or posting to prevent losing your work. Then you can still post it after overcoming the redirect.

For further information on Cloudflare and its workings, see Post #82 by plunet.

FlyerTalk up or down troubles? Check by using: http://isup.me- or http://www.isitdown.us, http://www.doj.me.

Or use this direct link - http://downorisitjustme.com/res.php?url=flyertalk.com

If it is just you, try: reloading the page; emptying your cache; deleting one or more cookies; quitting and restarting your browser or trying an alternate or shutting down and rebooting your device.



Print Wikipost

Reply

Old Jul 27, 18, 9:08 am
  #61  
A FlyerTalk Posting Legend
Original Poster
2019 FlyerTalk Awards
 
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 78,729
Originally Posted by kipper View Post
I'm still receiving the CloudFlare message today.
Me too.....and I'm using different wifi than yesterday.
MSPeconomist is offline  
Reply With Quote
Old Jul 27, 18, 12:55 pm
  #62  
 
Join Date: Jan 2016
Location: LON
Programs: BAEC, Accor
Posts: 1,146
The cloudflare messages will continue to appear until the attack subsides. The holding page is making a technical assessment that your request is genuine. If this wasn't done the site would typically be on its knees and unresponsive.

Without knowing the details this is most likely an attempt at blackmail. Assuming its blackmail, the attackers are waiting to see if the site owners pay the bitcoins (or other cryptocurrency) to stop the attack. At some point the budget the attackers have to fund the attack (they typically rent attack resource also paid in bitcoins) will run out, and everyone moves on. If you're really lucky law enforcement might get an angle on the perpetrators of the attack, but that's fairly rare.

Having seen the consequences of denial of service attacks elsewhere, FlyerTalk are at a technical level well prepared and have the right defenses in place, and although the holding page and database errors are inconvenient, they are doing the right thing so bear with them. At the current time the only thong iithink they could to do to improve might be a sticky announcement might help spread the word that they are busy working on the issue.
plunet is offline  
Reply With Quote
Old Jul 27, 18, 1:48 pm
  #63  
 
Join Date: Aug 2012
Posts: 3,264
Checking your browser

What is it with this "checking your browser before accessing flyertalk.com" nonsense?

It's totally annoying.
Miggles likes this.
petaluma1 is offline  
Reply With Quote
Old Jul 27, 18, 3:39 pm
  #64  
 
Join Date: Oct 2002
Location: Rolling Lakes Yacht Club
Posts: 4,478
Cloudflare.... ugh

Could IB not afford a real security platform and/or CDN????
Miggles likes this.
DataPlumber is offline  
Reply With Quote
Old Jul 27, 18, 4:40 pm
  #65  
 
Join Date: Jun 2013
Location: Ontario, Canada
Programs: Aeroplan
Posts: 4,530
Originally Posted by pvn View Post
Getting a lot of "Checking your browser" cloudflare screens all of a sudden. Extremely annoying.
Ditto.
Badenoch is offline  
Reply With Quote
Old Jul 27, 18, 8:25 pm
  #66  
Moderator, Alaska Airlines & FlyerTalk Evangelist
 
Join Date: Mar 2004
Location: SGF
Programs: AS, AA, UA, AGR (ex-75K, GLD, 1K, and S+), Choice Diamond, HZ PC, Costco Exec, NPS Passport
Posts: 22,877
Originally Posted by fransknorge View Post
The Wikipedia page of Cloudfare makes for interesting reading. Seems this company is very far from being clean and ethical.
I have no dog in the fight and no interest in Cloudflare and no reason to defend them against any statements, true or not, but your comment piqued my interest and so I went looking for what you're alluding to...and I don't see it.

https://en.wikipedia.org/wiki/Cloudf..._controversies

Originally Posted by DataPlumber View Post
Cloudflare.... ugh

Could IB not afford a real security platform and/or CDN????
I've kind of always felt that Cloudflare was the lazy way out, but I have nothing to base that upon. Just curious, what would a better solution be?

Last edited by jackal; Jul 27, 18 at 9:06 pm
jackal is offline  
Reply With Quote
Old Jul 28, 18, 3:46 am
  #67  
2019 FlyerTalk Awards
 
Join Date: Jun 2018
Location: Brighton UK
Programs: BAEC-Silver, AMEX-BA Prem' Plus & Standard, Accor Gold, HH-Silver, IHG,IBIS On Business
Posts: 544
Possible Security Breach

Hi IT / Admin I know you've been having issues last couple days and don't wish to add to them but could one of you PM about a sec breach I will spotted. Don't want to put details in open forum for obvious details but feel free to PM me or use the email registered to my account and will send you details.

Relative Newbie here so wasn't sure who to reach out to. Any knowledgeable FTs who know who is good for such things please tag them / make them aware if you would be so kind

Thanks in advance
IBJoel likes this.
TWCLAM is offline  
Reply With Quote
Old Jul 28, 18, 4:01 am
  #68  
FlyerTalk Evangelist
2019 FlyerTalk Awards
 
Join Date: Mar 2002
Location: Berlin, Germany; Toronto, Canada; and SW Florida, USA
Programs: UA 1K, BA Gold, Hyatt Globalist, and assorted others
Posts: 21,932
Why would you not post further details? Kind of pointless without. Are you referring to the 'Checking Your Browser' message?
LondonElite is offline  
Reply With Quote
Old Jul 28, 18, 5:43 am
  #69  
 
Join Date: Aug 2010
Location: Box Three Five Oh, Boston Mass, Oh two one three four
Programs: Loyal Order of Water Buffalos
Posts: 2,651
I got that today, LE, is that a known issue?

I seem to have been logged out of a couple sites on my home machine, this one and CC so far
Out of my Element is offline  
Reply With Quote
Old Jul 28, 18, 10:03 am
  #70  
FlyerTalk Evangelist
 
Join Date: Apr 2009
Location: Bye Delta
Programs: AA EXP, HH Diamond, IHG Plat, Hyatt Plat, SPG Gold, MR Gold, Nat'l Exec Elite, Avis Presidents Club
Posts: 14,877
Itís one thing to check that Iím a human, but another to repeat the same check every couple minutes. Including after hitting the submit button on posts, and then failing to actually submit the post afterwards, losing what I wrote in the process.
wrp96, pvn and chrisl137 like this.
javabytes is offline  
Reply With Quote
Old Jul 28, 18, 12:11 pm
  #71  
Moderator: American AAdvantage, Mexico, Technical Support and Feedback, and The Suggestion Box
 
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, MaÓtre-plongeur des Muccis
Posts: 60,470
Originally Posted by javabytes View Post
Itís one thing to check that Iím a human, but another to repeat the same check every couple minutes. Including after hitting the submit button on posts, and then failing to actually submit the post afterwards, losing what I wrote in the process.
We know itís an inconvenience (it is for us Mods as well) , but FlyerTalk (and at least one other Internet Brands forum we know of) have been under a Distributed Denial of Service attack. Cloudflare is intercepting that, but it periodically may intervene and redirect during your browsing with a popup whilst it is checking.

This is explained in the Wikipost at the top of the page, which also advises

If you are posting content, select all and copy prior to saving or posting to prevent losing your work. Then you can still post it after overcoming the redirect.
JDiver, Co-Moderator
IBJoel likes this.

Last edited by JDiver; Jul 29, 18 at 8:22 pm
JDiver is offline  
Reply With Quote
Old Jul 28, 18, 12:13 pm
  #72  
Original Member, Ambassador: External Miles and Points Resources
 
Join Date: May 1998
Location: Digital Nomad Wandering the Earth
Programs: UA 1K/MM refugee to cheapest business class fare, SPG Lifetime Plat, CBP Global Entry, #datelife
Posts: 47,652
Originally Posted by javabytes View Post
It’s one thing to check that I’m a human, but another to repeat the same check every couple minutes. Including after hitting the submit button on posts, and then failing to actually submit the post afterwards, losing what I wrote in the process.
Yeah, this is driving me nuts.

TURN IT OFF! Or at least find a better solution to block the attacks.

Please.
kokonutz is offline  
Reply With Quote
Old Jul 28, 18, 2:33 pm
  #73  
Hilton Contributor BadgeAccor 5+ Badge 2019 FlyerTalk Awards
 
Join Date: Nov 2012
Location: Rhineland-Palatinate
Programs: OW Sapphire (BA), *A Gold (A3), Le Club Accor Silver, HHonor Gold
Posts: 2,048
You do understand that turning it off means the site will be fully down until the attack stops ?
JDiver, jackal, EDIflyer and 4 others like this.
fransknorge is online now  
Reply With Quote
Old Jul 28, 18, 2:44 pm
  #74  
 
Join Date: Jan 2016
Location: LON
Programs: BAEC, Accor
Posts: 1,146
Originally Posted by kokonutz View Post
Yeah, this is driving me nuts.

TURN IT OFF! Or at least find a better solution to block the attacks.

Please.
I get that the holding page is annoying, but do you have any suggestions on better solutions to keep web services up whilst unknown 3rd parties are trying to bring the site down in a sustained attack from many random and changing source addresses? If you don't have the holding page there would be no FlyerTalk at the moment.
jackal, EDIflyer and wrp96 like this.
plunet is offline  
Reply With Quote
Old Jul 28, 18, 3:00 pm
  #75  
 
Join Date: Apr 2008
Location: RDU
Posts: 3,561
How often has FT been under a DDOS attack? I cannot remember ever seeing these CloudFare messages before. Was I just not paying attention?
zitsky is online now  
Reply With Quote

Thread Tools
Search this Thread