Techlore Forum Attack, Downtime

Good morning folks!

Last night the Techlore forum was DDoS’d, which is probably still ongoing. As a result, we are using Cloudflare’s services to address the attack.

Our privacy policy has been updated to reflect this change, in particular you may wish to review Cloudflare’s privacy policy. Note that for the purposes of accessing this forum, Cloudflare considers you “End Users,” not “Website Visitors” or “Customers.” Only the sections which they state are applicable to “End Users” are relevant to you.

Holy crap! It’s the first time I see that! After all, the forum displayed with a broken UI during the downtime that there was a high demand so…

Oh no! That’s really unfortunate

Glad to see the site back up and running (at least on my end). Thank you for the post and the transparency with the policy update.

Yeah, also the first time I’ve received an actual DDoS (and not a regular DoS or other mundane attack).

Although this one was not very sophisticated, the server that hosts this forum is just low-power and was overwhelmed easily, since we usually don’t have to deal with anything of the sort and the forum is relatively resource efficient. It should be all fine now

All the forum users are currently rising from the dead after the attack lol

Jumping on the forum from the backwoods using mobile I thought I saw a odd error code. 5xx etc…

Still having issues with search. Is this related?

It might just be you, search seems to be functioning normally for me. Because it’s using Cloudflare it’s actually faster for me now

I’m also noticing a speed increase it may just be in my head tho!

Great job responding to the attack! I’m pretty surprised Techlore was targeted. Some really salty people out there in the dark reaches of the internet I guess.

Well, Great job techlore team! but its also concerning…

Just curious about the motivation for this attack. Were there any demands made before the attack? Or is there actually anyone that dislikes Techlore enough to do something like this “just for the lulz”?

So that explains why I could not access yesterday, confused why someone would do this

ELI5: So how does one deal with a DdOS attack?

Usually the most common way websites deal with a DDoS attack is by utilizing a third party DDoS protection provider such as Cloudflare or DDoS Guard.

What these services do is they become a proxy between the website’s server and the visitors to the website, the service then analyses the packets (source IP, destination IP, protocol etc), HTTP request metadata (user agent, host etc) and HTTP response metrics (HTTP error codes etc) to identify malicious traffic.

Normal users will be able to access the website as normal however traffic that is detected as attack traffic will be diverted from the server and absorbed by the DDoS protection service.

Yeah I had the same thought….

But like you, without evidence I don’t want to make an accusation (unlike the people we’re referencing)

We were just attacked again, but should’ve been very limited downtime that hopefully not many people noticed. Thanks for the patience as we deal with this everyone

Yep, I got some Cloudflare prompts. Also, I don’t know if it’s related to that but passkey logins doesn’t seem to work for me, so I have to go with the good old passwords and 2FA.

Good catch, I think that’s related. Looking into it now.