Go Back  FlyerTalk Forums > Support&Services > Technical Support and Feedback
Reload this Page >

Periodic FT issues (crash, Cloudflare, database errors) - DDoS attack, cf wiki

Periodic FT issues (crash, Cloudflare, database errors) - DDoS attack, cf wiki

    Hide Wikipost
Old Jan 4, 19, 1:52 pm   -   Wikipost
Please read: This is a community-maintained wiki post containing the most important information from this thread. You may edit the Wiki once you have been on FT for 90 days and have made 90 posts.
 
Last edit by: JDiver
Wiki Link
FlyerTalk Up, Down, Crash, DDoS, Database Error, etc.

Thursday July 26, 2018, FlyerTalk was under a DDoS / Distributed Denial of Service attack; it seems to be persisting since then. Cloudflare services are keeping the site up, but you may see errors, page call intercepts and delays while the attack is ongoing.

If you are posting content, select all and copy prior to saving or posting to prevent losing your work. Then you can still post it after overcoming the redirect.

For further information on Cloudflare and its workings, see Post #82 by plunet.

FlyerTalk up or down troubles? Check by using: http://isup.me- or http://www.isitdown.us, http://www.doj.me.

Or use this direct link - http://downorisitjustme.com/res.php?url=flyertalk.com

If it is just you, try: reloading the page; emptying your cache; deleting one or more cookies; quitting and restarting your browser or trying an alternate or shutting down and rebooting your device.



Print Wikipost

Reply

Old Jul 28, 18, 3:52 pm
  #76  
Moderator, Alaska Airlines & FlyerTalk Evangelist
 
Join Date: Mar 2004
Location: SGF
Programs: AS, AA, UA, AGR (ex-75K, GLD, 1K, and S+), Choice Diamond, HZ PC, Costco Exec, NPS Passport
Posts: 22,876
Originally Posted by zitsky View Post
How often has FT been under a DDOS attack? I cannot remember ever seeing these CloudFare messages before. Was I just not paying attention?
It happens several times a year, but I think this one is unusually long and sustained.

The people running it will give up once they figure out that FT isn't going to cave. @plunet posted a better description of how these things work above.
JDiver likes this.
jackal is offline  
Reply With Quote
Old Jul 28, 18, 4:40 pm
  #77  
FlyerTalk Evangelist
2019 FlyerTalk Awards
 
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Gold
Posts: 11,963
This might be better in the general issues thread but here's what FT looks like for me on mobile after the CloudFlare message appears: https://imgur.com/a/SqsmI4S

(For one thing, I don't use an ad blocker on my phone.)
tmiw is offline  
Reply With Quote
Old Jul 28, 18, 4:57 pm
  #78  
Moderator: American AAdvantage, Mexico, Technical Support and Feedback, and The Suggestion Box
 
Join Date: May 2000
Location: NorCal - SMF area
Programs: AA LT Plat; HH LT Diamond, Maître-plongeur des Muccis
Posts: 60,291
Originally Posted by zitsky View Post
How often has FT been under a DDOS attack? I cannot remember ever seeing these CloudFare messages before. Was I just not paying attention?
Cloudflare is relatively new. DDoS attacks on FT, unfortunately, are not.

As I understand it, a DDoS attack can involve thousands of calls on the website, and many addresses. The intercept check prided by Cloudflare may be an occasional minor pita, but the option is a DDoS attack that works - meaning FT is down and unavailable.
obscure2k, IBJoel and plunet like this.
JDiver is offline  
Reply With Quote
Old Jul 28, 18, 6:45 pm
  #79  
2019 FlyerTalk Awards
 
Join Date: Aug 2017
Programs: Rapid Rewards, AAdvantage, SkyMiles
Posts: 2,249
Yep, they are still coming up on my phone and computer. Annoying but I'll deal with it over not being able to access FT at all.
DCP2016 is offline  
Reply With Quote
Old Jul 28, 18, 9:08 pm
  #80  
 
Join Date: Dec 2002
Location: Texas
Posts: 627
Why not use a simpler, straight to the point holding page that isn't such a shameless CloudFlare promotion? I get it that the site is contending with DDoS issues, but certainly a less obnoxious holding page could have been set up for this, no?
Miggles is offline  
Reply With Quote
Old Jul 28, 18, 11:23 pm
  #81  
 
Join Date: Mar 2008
Location: Fort Lauderdale, FL
Posts: 2,061
Originally Posted by Miggles View Post
Why not use a simpler, straight to the point holding page that isn't such a shameless CloudFlare promotion? I get it that the site is contending with DDoS issues, but certainly a less obnoxious holding page could have been set up for this, no?
First, that "obnoxious" page is on the CloudFare server. So, the FlyerTalk folks may not even be able to customize it.

Second, no offense to the people that run FlyerTalk, but I trust CloudFlare more when it comes to this issue. Personally, I'd rather see a page with CloudFlare branding because I know they are more adept at handling these issues than your average webmaster.

Finally, remember that FlyerTalk is free to you and me.
EDIflyer, T8191 and IBJoel like this.
writerguyfl is offline  
Reply With Quote
Old Jul 29, 18, 6:17 am
  #82  
 
Join Date: Jan 2016
Location: LON
Programs: BAEC, Accor
Posts: 1,078
Cloudflare specialise at this kind of stuff. The "obnoxious" page could possibly be customisable, but probably at significant cost. I've seen that very same page put in front of high profile banking sites previously. You will only see it when an attack is in progress, other times you just get switched through directly to the destination site.

The holding page typically needs to be hosted on separate (CloudFlare in this instance) infrastructure as (1) they have very big pipes to be able to absorb the sometimes massive traffic flows directed at targetted sites - these can typically be multi-gigabit sustained flows that would just conjest and overwhelm the usual connection a site like FlyerTalk might have contracted to have in front of their website. Think of a traffic jam, but a very bad one; maybe Flyertalk usually lives on a two lane highway, but all of a sudden it needs a 20 lane freeway to bring the traffic to the front door, and even then it can't keep up.

And (2) the holding page will have some funky algorithms in it that can self-adjust dynamically based on what is being thrown at FlyerTalk and I would suggest other customers of cloudflare. Many DDoS attacks attempt to overwhelm a website by making lots of connection requests but then never actually asking for a webpage. A bit like kids ringing your doorbell and then running off. Repeat many many many times each second. This is highly specialised stuff that needs to be oursourced to the specialists where they can aggregate their knowledge across mulitple customers.

The attacks can go further into the web application itself, with all manner of ways to try to nobble the website itself - with damage and data loss - if the web application has any latent flaws in it. This can happen at any time, but when it's mixed up in the deluge of a wider attack trying to defend youself from the real nasty stuff when you can't see the wood through the trees is very difficult. Although not a silver bullet, the CloudFlare tech will assist with defeating many attempts to do nasty stuff to the web application itself. And I hasten to add that just because there is an attack there's no specific additional risk that data has been lost or compromised.

Where you had a contractural relationship with a site to provide a service, and they are extracting money from you for the provision of that site, then you would expect them to invest in appropriate protection. But FlyerTalk doesn't cost me anything apart from having adverts on the site, yet the owners are investing their money to keep their brand and webpresence up on the net. It's their commercial decision but probably an honourable one, but there will be a significant dent in their income stream from adverts to pay for the DDoS mitigation.
JDiver, oliver2002, jackal and 3 others like this.
plunet is offline  
Reply With Quote
Old Jul 29, 18, 10:14 am
  #83  
 
Join Date: Mar 2008
Location: Israel/United States
Posts: 891
"Checking your browser"

I'm not sure if this is the right place, but does anyone know what the "checking your browser" thing is that has been on the screen the past few days prior to actually accessing the page. Is it legit?

Thanks
muji likes this.
awayIgo is offline  
Reply With Quote
Old Jul 29, 18, 11:05 am
  #84  
 
Join Date: Sep 2015
Location: BUF
Programs: SkyTean, Star Alliance, HHonors
Posts: 136
The messages are from Cloudflare - https://en.m.wikipedia.org/wiki/Cloudflare

I noticed problems with the site right before the Cloudflare messages started showing up, database connection issues IIRC. I wonder if maybe FT was getting DDOS'd and started using Cloudflare to mitigate that.
smc333 is offline  
Reply With Quote
Old Jul 29, 18, 11:25 am
  #85  
Moderator: Hawaii-based airlines & Hawai'i forums
 
Join Date: Mar 2003
Location: Ka ʻĀpala Nui
Programs: NEXUS/Global Entry, Delta, United, Hyatt, IHG, Marriott/spg, M life, and Hertz
Posts: 15,676
Please see: https://www.flyertalk.com/forum/tech...k-cf-wiki.html
smc333 likes this.
FlyinHawaiian is offline  
Reply With Quote
Old Jul 29, 18, 11:25 am
  #86  
 
Join Date: Sep 2012
Location: AGH
Posts: 4,265
I have no problem with the CloudFlare system in general, but it really sucks when you write a posting, click send and then hits the DDoS protection. Then your posting is gone... with some luck you can get it back by double "back" in the browser. But that doesn't work 100% reliable...
fassy is online now  
Reply With Quote
Old Jul 29, 18, 11:39 am
  #87  
 
Join Date: Apr 2008
Location: RDU
Posts: 3,472
Originally Posted by writerguyfl View Post
First, that "obnoxious" page is on the CloudFare server. So, the FlyerTalk folks may not even be able to customize it.

Second, no offense to the people that run FlyerTalk, but I trust CloudFlare more when it comes to this issue. Personally, I'd rather see a page with CloudFlare branding because I know they are more adept at handling these issues than your average webmaster.

Finally, remember that FlyerTalk is free to you and me.
I agree CF or something like it is needed. Is FT free? Maybe. Most of us watch plenty of ads. We contribute content to this free site that makes it more valuable.
zitsky is offline  
Reply With Quote
Old Jul 29, 18, 12:03 pm
  #88  
FlyerTalk Evangelist
 
Join Date: Mar 2010
Location: JER
Programs: BA Gold/OWE, several MUCCI, and assorted Pensions!
Posts: 27,475
Originally Posted by zitsky View Post
I agree CF or something like it is needed. Is FT free? Maybe. Most of us watch plenty of ads. We contribute content to this free site that makes it more valuable.
I confess that only Ads I ever open are ones I hit with fat fingers, and I usually ‘go back’ before they open. Sorry, Intenet Brands
IBJoel likes this.
T8191 is offline  
Reply With Quote
Old Jul 29, 18, 12:05 pm
  #89  
 
Join Date: Jun 2009
Location: London, United Kingdom
Programs: British Airways Gold
Posts: 2,048
Denial of service attack protection
ajeleonard is offline  
Reply With Quote
Old Jul 29, 18, 1:00 pm
  #90  
 
Join Date: Apr 2008
Location: RDU
Posts: 3,472
Originally Posted by fassy View Post
I have no problem with the CloudFlare system in general, but it really sucks when you write a posting, click send and then hits the DDoS protection. Then your posting is gone... with some luck you can get it back by double "back" in the browser. But that doesn't work 100% reliable...
A few people have suggested copy and paste.
zitsky is offline  
Reply With Quote

Thread Tools
Search this Thread