Jul 26, 2018, 11:26 am
Last edit by: JDiver
FlyerTalk Up, Down, Crash, DDoS, Database Error, etc.
Thursday July 26, 2018, FlyerTalk was under a DDoS / Distributed Denial of Service attack; it seems to be persisting since then. Cloudflare services are keeping the site up, but you may see errors, page call intercepts and delays while the attack is ongoing.
If you are posting content, select all and copy prior to saving or posting to prevent losing your work. Then you can still post it after overcoming the redirect.
For further information on Cloudflare and its workings, see Post #82 by plunet.
FlyerTalk up or down troubles? Check by using: http://isup.me- or http://www.isitdown.us, http://www.doj.me.
Or use this direct link - http://downorisitjustme.com/res.php?url=flyertalk.com
If it is just you, try: reloading the page; emptying your cache; deleting one or more cookies; quitting and restarting your browser or trying an alternate or shutting down and rebooting your device.
Periodic FT issues (crash, Cloudflare, database errors) - DDoS attack, cf wiki
Jul 27, 2018, 9:08 am
#61
A FlyerTalk Posting Legend
Original Poster
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,417
Jul 27, 2018, 12:55 pm
#62
Join Date: Jan 2016
Location: LON
Programs: BAEC
Posts: 3,918
The cloudflare messages will continue to appear until the attack subsides. The holding page is making a technical assessment that your request is genuine. If this wasn't done the site would typically be on its knees and unresponsive.
Without knowing the details this is most likely an attempt at blackmail. Assuming its blackmail, the attackers are waiting to see if the site owners pay the bitcoins (or other cryptocurrency) to stop the attack. At some point the budget the attackers have to fund the attack (they typically rent attack resource also paid in bitcoins) will run out, and everyone moves on. If you're really lucky law enforcement might get an angle on the perpetrators of the attack, but that's fairly rare.
Having seen the consequences of denial of service attacks elsewhere, FlyerTalk are at a technical level well prepared and have the right defenses in place, and although the holding page and database errors are inconvenient, they are doing the right thing so bear with them. At the current time the only thong iithink they could to do to improve might be a sticky announcement might help spread the word that they are busy working on the issue.
Without knowing the details this is most likely an attempt at blackmail. Assuming its blackmail, the attackers are waiting to see if the site owners pay the bitcoins (or other cryptocurrency) to stop the attack. At some point the budget the attackers have to fund the attack (they typically rent attack resource also paid in bitcoins) will run out, and everyone moves on. If you're really lucky law enforcement might get an angle on the perpetrators of the attack, but that's fairly rare.
Having seen the consequences of denial of service attacks elsewhere, FlyerTalk are at a technical level well prepared and have the right defenses in place, and although the holding page and database errors are inconvenient, they are doing the right thing so bear with them. At the current time the only thong iithink they could to do to improve might be a sticky announcement might help spread the word that they are busy working on the issue.
Jul 27, 2018, 8:25 pm
#66
FlyerTalk Evangelist
Join Date: Mar 2004
Location: SGF
Programs: AS, AA, UA, AGR S (former 75K, GLD, 1K, and S+, now an elite peon)
Posts: 23,195
https://en.wikipedia.org/wiki/Cloudf..._controversies
I've kind of always felt that Cloudflare was the lazy way out, but I have nothing to base that upon. Just curious, what would a better solution be?
Last edited by jackal; Jul 27, 2018 at 9:06 pm
Jul 28, 2018, 3:46 am
#67
Join Date: Jun 2018
Location: Brighton UK
Programs: BAEC-Silver, AMEX-BA Prem' Plus & Standard, Accor Gold, HH-Silver, IHG,IBIS On Business
Posts: 955
Possible Security Breach
Hi IT / Admin I know you've been having issues last couple days and don't wish to add to them but could one of you PM about a sec breach I will spotted. Don't want to put details in open forum for obvious details but feel free to PM me or use the email registered to my account and will send you details.
Relative Newbie here so wasn't sure who to reach out to. Any knowledgeable FTs who know who is good for such things please tag them / make them aware if you would be so kind
Thanks in advance
Relative Newbie here so wasn't sure who to reach out to. Any knowledgeable FTs who know who is good for such things please tag them / make them aware if you would be so kind
Thanks in advance
Jul 28, 2018, 5:43 am
#69
Join Date: Aug 2010
Location: Formerly Box 350, Boston Mass, Oh two one three four. Now near Beverly Hills 90210
Programs: Loyal Order of Water Buffalos
Posts: 3,938
I got that today, LE, is that a known issue?
I seem to have been logged out of a couple sites on my home machine, this one and CC so far
I seem to have been logged out of a couple sites on my home machine, this one and CC so far
Jul 28, 2018, 10:03 am
#70
FlyerTalk Evangelist
Join Date: Apr 2009
Location: Bye Delta
Programs: AA EXP, HH Diamond, IHG Plat, Hyatt Plat, Marriott Plat, Nat'l Exec Elite, Avis Presidents Club
Posts: 16,276
It’s one thing to check that I’m a human, but another to repeat the same check every couple minutes. Including after hitting the submit button on posts, and then failing to actually submit the post afterwards, losing what I wrote in the process.
Jul 28, 2018, 12:11 pm
#71
Moderator: American AAdvantage
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 62,948
This is explained in the Wikipost at the top of the page, which also advises
If you are posting content, select all and copy prior to saving or posting to prevent losing your work. Then you can still post it after overcoming the redirect.
Last edited by JDiver; Jul 29, 2018 at 8:22 pm
Jul 28, 2018, 12:13 pm
#72
Original Member, Ambassador: External Miles and Points Resources
Join Date: May 1998
Location: Digital Nomad Wandering the Earth - Currently in LIMA, PERU
Posts: 58,620
TURN IT OFF! Or at least find a better solution to block the attacks.
Please.
Jul 28, 2018, 2:44 pm
#74
Join Date: Jan 2016
Location: LON
Programs: BAEC
Posts: 3,918
I get that the holding page is annoying, but do you have any suggestions on better solutions to keep web services up whilst unknown 3rd parties are trying to bring the site down in a sustained attack from many random and changing source addresses? If you don't have the holding page there would be no FlyerTalk at the moment.