clear
{{language.name}} No language found.
swap_horiz
{{language.name}} No language found.
search
deniko deniko December 31, 2019 at 4:48 PM December 31, 2019 at 4:48 PM link Permalink

Tatoeba has been very slow the last few days. Also I've been getting "Tatoeba is currently unavailable" message every now and then.

Is it only me?

{{vm.hiddenReplies[33824] ? 'expand_more' : 'expand_less'}} hide replies show replies
fjay69 fjay69 December 31, 2019 at 5:12 PM December 31, 2019 at 5:12 PM link Permalink

I face this problem too.

AlanF_US AlanF_US December 31, 2019 at 5:20 PM December 31, 2019 at 5:20 PM link Permalink

I see it, too.

Pfirsichbaeumchen Pfirsichbaeumchen December 31, 2019 at 5:41 PM December 31, 2019 at 5:41 PM link Permalink

J’ai le même problème.

Ergulis Ergulis December 31, 2019 at 5:49 PM December 31, 2019 at 5:49 PM link Permalink

I have the same issue.

Elsofie Elsofie January 1, 2020 at 1:09 AM January 1, 2020 at 1:09 AM link Permalink

I have this problem also the last two days.

ZiriSut ZiriSut January 1, 2020 at 10:24 AM January 1, 2020 at 10:24 AM link Permalink

Me too, I get the same message these days.

K_hina K_hina January 1, 2020 at 11:56 AM January 1, 2020 at 11:56 AM link Permalink

I have the same issue too.

marioo marioo January 1, 2020 at 3:52 PM January 1, 2020 at 3:52 PM link Permalink

Similar here. In addition (and maybe it can provide a clue) when I try to access Tatoeba from Mexico (thanks to VPN) the DNS don't resolve... no access at all. Could there be an issue with the DNS server at the web hosting site?

gillux gillux January 1, 2020 at 3:58 PM January 1, 2020 at 3:58 PM link Permalink

Tatoeba is facing a DDoS attack. If you’re curious what a DDoS attack is, have a look at https://en.wikipedia.org/wiki/D...service_attack

We are working on it, but there is little we can do about it without blocking legitimate users. We’ll keep you updated.

{{vm.hiddenReplies[33850] ? 'expand_more' : 'expand_less'}} hide replies show replies
Ergulis Ergulis January 1, 2020 at 4:32 PM, edited January 1, 2020 at 7:21 PM January 1, 2020 at 4:32 PM, edited January 1, 2020 at 7:21 PM link Permalink

Thanks you very much for informing us. I hope that everything is sorted out soon.

Isn't the DDoS attack a kind of cybercrime?

I fail to understand to whose benefit something like that is, except for satisfying someone's weak mind.

dcsan dcsan January 1, 2020 at 5:03 PM January 1, 2020 at 5:03 PM link Permalink

perhaps someone else was the target and tatoeba just got caught because they had the wrong IP number... like getting shot in the wrong neighborhood.

{{vm.hiddenReplies[33853] ? 'expand_more' : 'expand_less'}} hide replies show replies
deniko deniko January 2, 2020 at 9:19 AM January 2, 2020 at 9:19 AM link Permalink

Yeah, that's possible, other reasons that come off the top of my head could be the following:

* They're targeting the hosting provider, not tatoeba per se, so they're attacking some of their web sites

* Someone is holding a grudge against Tatoeba.

* Before attacking the real target, it might make sense for the attackers to use some random guinea pigs to test their scripts.

gillux gillux January 19, 2020 at 4:53 AM January 19, 2020 at 4:53 AM link Permalink

The attack looks finished now. So here is a follow-up.

It was an attack on the application level, sending a lot of forged http requests. The contents of the requests looked like randomly built from a set of real data: a combination of URLs, referers and cookies that looked valid individually, but did not make any sense put together. So after analyzing the traffic, I set up some countermeasures and the attack was contained, so you probably didn’t notice that it lasted for about two weeks. It peaked at 30-40 requests per seconds (or 1500 packets per second), which is rather moderate for a ddos, but apparently enough to partially disturb our service. Interestingly, dev.tatoeba.org and wiki.tatoeba.org were also targeted, but at an unnoticeable rate.

Note that it looks like the countermeasures partially blocked a few legitimate users connecting from China. Sorry about that! It should be okay now.

The meaning of this attack is still unclear. It happened at a time when most western people are on vacation. It was very limited in scale and not so hard to dodge. Also, the zombies were all located in China (which doesn’t necessarily mean the attacker is from China nor operating from China). It is worth noting that Tatoeba is not blocked by the GFW according to greatfire.org. Which makes me think that maybe…

* the attacker wants us to block all users from China
* the attacker wants us to think that the attack is related to China whereas it has nothing to do with it
* the attacker has limited resources (not competent, not rich, not state-sponsored)
* we are part of a bigger attack in which we are not the main target
* the attacker is testing our ability to respond to a ddos attack
* the attacker is just holding a grudge against us

{{vm.hiddenReplies[33997] ? 'expand_more' : 'expand_less'}} hide replies show replies
deniko deniko January 20, 2020 at 9:04 AM January 20, 2020 at 9:04 AM link Permalink

Thanks for keeping us in the loop, gillux, and thanks for having dealt with all that.