DDoS Mitigation Added due to Attack 2025-07-15
- Matt_K
- Posts: 4809
- Joined: Mar 21, 2018
I thought I'd mention this in a separate thread so I can track this issue specifically. As I mentioned elsewhere, we experienced a major DDoS attack after I finished the upgrades and have been forced to implement some severe CloudFlare limitations. I understand these may be annoying to deal with. Please post any issues you have with CloudFlare here. You may see a Cloudflare pop-up on EVERY PAGE LOAD, which I do not want to do more than the next day or so.
However, if people are not noticing significant problems or better that it solves them, I would be interested in hearing that too here. Thanks!
- mgladdish
- Posts: 155
- Joined: Oct 10, 2021
I just had the one cloud flare “verify you are a human” on mobile. Subsequent page loads have all been fine.
- BGuttman
- Posts: 7368
- Joined: Mar 22, 2018
[quote="mgladdish"]I just had the one cloud flare “verify you are a human” on mobile. Subsequent page loads have all been fine.[/quote]
Same for me, but I'm on a laptop.
- hyperbolica
- Posts: 3990
- Joined: Mar 23, 2018
much better here
- Matt_K
- Posts: 4809
- Joined: Mar 21, 2018
Has anyone been able to connect via mobile? It took mine a few attempts to verify I was human but eventually it let me through, but I haven't had any problems on my desktop using firefox.
- EriKon
- Posts: 636
- Joined: Apr 03, 2022
[quote="Matt K"]Has anyone been able to connect via mobile? It took mine a few attempts to verify I was human but eventually it let me through, but I haven't had any problems on my desktop using firefox.[/quote]
Was fine over here. Took 5 seconds to verify but no problems.
Edit: Okay, there was another Cloudflare confirmation once I tried to post.
- RoscoTrombone
- Posts: 251
- Joined: Oct 17, 2018
Just literally came on, verification took a few seconds and no issues changing pages or logging in so far.
The trombone chat name at the top is missing though. There's a coffee cup then phpBB written?
Edit - no Cloud Flare posting this.
- atopper333
- Posts: 377
- Joined: Mar 09, 2022
I’ve logged in twice on mobile. Only got the verification the first time I logged in.
- AndrewMeronek
- Posts: 1487
- Joined: Mar 30, 2018
I just had Cloudflare prevent me posting a reply and the "human check" dropped the text of my reply and dumped me into the "full editor post a reply" screen. So yeah, there potentially is a problem.
- pfrancis
- Posts: 172
- Joined: Jul 22, 2018
[quote="Matt K"]Has anyone been able to connect via mobile? It took mine a few attempts to verify I was human but eventually it let me through, but I haven't had any problems on my desktop using firefox.[/quote]
First time no prob
- tbdana
- Posts: 1928
- Joined: Apr 08, 2023
I've had it pop up once when I first logged on, and then twice when I tried to open threads.
- mrdeacon
- Posts: 1225
- Joined: May 08, 2018
[quote="atopper333"]I’ve logged in twice on mobile. Only got the verification the first time I logged in.[/quote]
Same! Zero issues on my iPhone.
- slidesix
- Posts: 107
- Joined: Jan 03, 2025
Matt, the cloud flare mitigations are EXCELLENT and working BEAUTIFULLY AS INTENDED. When testing a variety of forum actions—except for posting messages or long messages—I seem to get prompted about every 2 hours with a captcha from cloudflare. For me this is great. As I can actually access the forum. So thank you. I don’t even mind. Keep up the great work. F’n thank you from the bottom of my heart. From my end: DDoS mitigated. You ROCK.
/Aaron T
- slidesix
- Posts: 107
- Joined: Jan 03, 2025
I did get the cloudflare prompt and redirect to full editor after I posted. You know what? I don’t care as this is better than what we had before. My $0.02.
- slidesix
- Posts: 107
- Joined: Jan 03, 2025
I did get the cloudflare prompt and redirect to full editor after I posted. You know what? I don’t care as this is better than what we had before. My $0.02.
- mgladdish
- Posts: 155
- Joined: Oct 10, 2021
Huh. Tried to access on mobile about 3 hours ago and I was stuck on the cloudflare "are you human" prompt. It sat just spinning for several minutes, eventually gave me a check box, and then sat spinning again. It never completed and I couldn't get in. All seems fine now though.
- Matt_K
- Posts: 4809
- Joined: Mar 21, 2018
Woweee yeah so that was 100% the problem. It's now been in place for almost a full day and these are the stats on that rule I posted:
<ATTACHMENT filename="Screenshot 2025-07-16 at 9.19.50 AM.png" index="0">[attachment=0]Screenshot 2025-07-16 at 9.19.50 AM.png</ATTACHMENT>
What I've done is put a rule in place that says EVERY IP address needs to do a challenge occasionally, except an IP I'm planning on using for a status.trombonechat.com page, and I'll need to be unchallenged to occasionally ping the site. As a result, we're seeing 0.41% of all total requests have been successfully answered (22k out of 547,800) :amazed:
What is not pictured are some other blocks I had in place that I don't want to screenshot, because my conclusion is that this is actually NOT LLM traffic that I had suspected, but appears to be a wholly malicious operation - if I were a betting individual. (I've got separate rules for a variety of known quantities and those rules have a FRACTION of the traffic.) To what ends the nefarious purposes are, I have no idea. It's possible that they are LLM training that are not going through the proper channels, someone who has a beef with us, script kiddies, etc.
Fortunately, it seems that simply forcing everyone to prove they are a human is not super onerous given this feedback (or it's completely blocking the people who would report otherwise?). I too had a problem with iOS yesterday, but it seems that once you let it spin for a while (took 3 tries and ~5 minutes for me at first) and now it goes through no problem, but please keep me updated on if it becomes impossible to get in.