Geekzone performance 2019-08-13

Forums › Geekzone › Geekzone performance 2019-08-13

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#255481 14-Aug-2019 09:33

Over a period of almost 20 hours people may have noticed Geekzone was sometimes slow to respond, not responding at all or just spitting out 500 errors (Server error).

Our database server was running at 100% most of this period. After investigating we found a couple of queries that could be optimised but this was not the actual root cause. Further investigation revealed a very large number of page requests coming from China - sometimes at more than 150 - 200 per second. Our poor little server couldn't cope with the stress at a times.

At around 6pm I implemented a whole country block, preventing requests originating from China to reach our server. I had to block the whole country because the requests were coming from different networks.

With this block in place the server was able to return to normal operation. At the end of the 24 hour period we had about 3.8 million requests, with 2.6 million coming from China alone.

The block remains in place, regardless of @sbiddle plans to visit the country in the near future.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

1 | 2 | 3

1034 posts

Uber Geek
+1 received by user: 562

Trusted

#2298876 14-Aug-2019 09:40

When you mentioned performance, the first thing that came into my head was a song and dance by the moderators.... I blame this on too many kids plays and show attended recently 😂

qwertee

735 posts

Ultimate Geek
+1 received by user: 259

Lifetime subscriber

#2298878 14-Aug-2019 09:43

I am disappointed too. maybe for another pizza night?

SirHumphreyAppleby

2938 posts

Uber Geek
+1 received by user: 1860

#2298879 14-Aug-2019 09:43

maoriboy:

When you mentioned performance, the first thing that came into my head was a song and dance by the moderators.... I blame this on too many kids plays and show attended recently 😂

Geekzone Stars?

Can't be worse than Block Stars. Or can it?

Gurezaemon

~HONYAKKER!~
1417 posts

Uber Geek
+1 received by user: 1565

ID Verified

Lifetime subscriber

#2298887 14-Aug-2019 09:48

I'm guessing that anyone legitimately wanting to visit geekzone from China would be using a VPN anyway, to get around the various firewall issues. That would neatly skirt around the geoblock, would it not?

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2298889 14-Aug-2019 09:55

Gurezaemon: I'm guessing that anyone legitimately wanting to visit geekzone from China would be using a VPN anyway, to get around the various firewall issues. That would neatly skirt around the geoblock, would it not?

Correct. My guess this was an intentional DDoS, seeing the traffic wasn't really coming with a legit bot crawler browser user-string.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

robjg63

4161 posts

Uber Geek
+1 received by user: 1425

Subscriber

#2298890 14-Aug-2019 09:56

When I had to look after a website a while back (NZ based site that would be no use to anyone overseas) I found we were getting clobbered and used some tools to see where traffic was coming from.

It was actually pretty scary seeing relentless attempts to access the admin backend from all over the world - notably at the time somewhere in the former Soviet union was featuring pretty heavily.

You have my sympathy and respect!

Nothing is impossible for the man who doesn't have to do it himself - A. H. Weiler

Lego

Shop now for Lego sets and other gifts (affiliate link).

Fred99

13684 posts

Uber Geek
+1 received by user: 10018

#2298953 14-Aug-2019 10:49

Interesting. My guess, this thread is related:

https://www.geekzone.co.nz/forums.asp?forumid=48&topicid=250964

And in the first post of that thread, "Time to get Geekzone blocked in the PRC" wasn't the response.

GZ isn't accessible from China - but "403 - Forbidden" as expected from your block - but it seems as if the site's not firewalled by China.

At a guess, if the Chinese dictators want to launch DDOS attacks against political targets but deny direct involvement, they wouldn't firewall the target to block the botnet they claim they have nothing to do with. (don't shoot me if I'm wrong - I'm no IT expert).

gehenna

8667 posts

Uber Geek
+1 received by user: 3883

Moderator

Trusted

Lifetime subscriber

#2298999 14-Aug-2019 10:59

Do we have conversations going on about the Hong Kong situation?

That's really disturbing behaviour eh.

hio77

'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified

Trusted

Lizard Networks

Subscriber

#2299005 14-Aug-2019 11:00

Given most of those hits are cache hits, maybe there i still some optimization to make?

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

Rikkitic

Awrrr
19062 posts

Uber Geek
+1 received by user: 16302

Lifetime subscriber

#2299051 14-Aug-2019 11:06

I was actually thinking it was 8chan taking revenge on Cloudflare.

Plesse igmore amd axxept applogies in adbance fir anu typos

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2299074 14-Aug-2019 11:20

hio77:
Given most of those hits are cache hits, maybe there i still some optimization to make?

Actually the cache hits are images and scripts. Pages are always fresh.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

Lenovo

Shop now for Lenovo laptops and other devices (affiliate link).

Fred99

13684 posts

Uber Geek
+1 received by user: 10018

#2299086 14-Aug-2019 11:40

gehenna:

Do we have conversations going on about the Hong Kong situation?

From what I've seen, nothing more aggressive (to PRC) than you'd read on any NZ or other western news site.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2299090 14-Aug-2019 11:42

gehenna: Do we have conversations going on about the Hong Kong situation?

If this was indeed a DDoS I have my suspicions but talking about HK was not in the radar.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

hio77

'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified

Trusted

Lizard Networks

Subscriber

#2299097 14-Aug-2019 11:53

freitasm:
hio77:

Given most of those hits are cache hits, maybe there i still some optimization to make?

Actually the cache hits are images and scripts. Pages are always fresh.

Missleading graph is missleading then..

Time for a server upgrade! we have to take on our new forum members clearly rather than block them! ;)

On a more serous note, thanks for getting to the bottom of this.

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2299099 14-Aug-2019 11:56

The server runs at 5% most of the times. Investment for those 95% DDoS is not sensible.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

1 | 2 | 3