Pages:
Author

Topic: [ANN] bitcoindata.science | sponsored by BC.Game - page 3. (Read 3051 times)

legendary
Activity: 1148
Merit: 3117
While it doesn't happen to me often, in some rare instances when I try to access the website I am presented with the following message:
Code:



    
    
    One moment, please...
    
    

    

Please wait while your request is being verified...


    
 (...)
Is this some sort of broken captcha page that perhaps isn't compatible with some settings that I have going on with my browser? After a few tries (or coming back later) the website just loads normally.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
Yeah, CF blocked most bad traffic as far as I can see.
However,  it blocked Feebudy (which is a bot lol).


I've been monitoring your total bandwidth for the last few days, it seems you have a bit more traffic compared to before the attack, but within tolerable limits. These days I also noticed that many sites are under similar pressures.

I don't have much experience with more advanced CloudFlare settings, but have you tried adding some exceptions, for FeeBuddy for example? I saw that in Security>>WAF there is an option to add custom rules to protect API and known bots from malicious traffic.
Missing FeeBuddy  Wink

Yeah, I am close to 13k visitors per month. Incredible number!! Never expected to reach that

I miss fee buddy too. The point is that I am working in other projects too. I have a broken api in withdrawal strategy as well (coingecko decide to move to a paid plan model)... I will fix it and then I will see what I can do for feebuddy. I added some protection against bots, which is probably blocking him
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
Yeah, CF blocked most bad traffic as far as I can see.
However,  it blocked Feebudy (which is a bot lol).


I've been monitoring your total bandwidth for the last few days, it seems you have a bit more traffic compared to before the attack, but within tolerable limits. These days I also noticed that many sites are under similar pressures.

I don't have much experience with more advanced CloudFlare settings, but have you tried adding some exceptions, for FeeBuddy for example? I saw that in Security>>WAF there is an option to add custom rules to protect API and known bots from malicious traffic.
Missing FeeBuddy  Wink
legendary
Activity: 2212
Merit: 7064
He also said the same examplens said : this could be an attack from cloudflare, to force me into a paid plan.
I wouldn't be surprised if that was the case  Tongue

There aren't many companies competing with cloudflare.like  aws and azure and a few more, but Cloudflare is the most used.
eXch admin once said there is a good alternative for cloudflare he is using, but I am sure it's not free or cheap.
$200 per year for cloudflare is not so expensive but nobody can guarantee you won't have ddos attacks again.

This falls in the same category as anti-virus companies releasing computer viruses.
I was just thinking the same thing, I think John McAfee explained very well that antiviruses are mostly doing nothing but spy people, and they are useless today Wink
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
I don't know how you are managing the server, bitmover. But, I think you need to review this hosting company, as it could be a company that attracts these types of attacks.


The server is hosted by Hetzner.
I have 50-100 sites (small and large) on the same server, only bitmover's site is under attack. 10+ years on the same contract, several upgrades in the meantime, all this gives me very little room that this bad intention came from there.

I also asked them for a solution to solve this problem and I got a very similar answer as I advised bitmover myself, somewhat more radical settings on cloudflare.
@joker_josue You have well suggested this for a DDoS protection service, I will talk to them about it and whether there are such possibilities.

As far as I can see, most of this bad traffic has been halted so far, CF seems to be doing its job.

But they already have this service: https://www.hetzner.com/unternehmen/ddos-schutz/
Now, it seems to me that it is only available in the WEBHOSTING or MANAGED SERVERS service.

If you are using the dedicated server, I think this service is not included. But, it may be possible for an additional cost. Or, since you are using a dedicated server, you can choose a service for yourself. In addition to Cloudflare, there is Imunify360 - https://www.imunify360.com - you can take a look.

legendary
Activity: 2352
Merit: 6089
bitcoindata.science
As far as I can see, most of this bad traffic has been halted so far, CF seems to be doing its job.

Yeah, CF blocked most bad traffic as far as I can see.
However,  it blocked Feebudy (which is a bot lol).

I will try to reduce cf setting later to unblock him..
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
I don't know how you are managing the server, bitmover. But, I think you need to review this hosting company, as it could be a company that attracts these types of attacks.


The server is hosted by Hetzner.
I have 50-100 sites (small and large) on the same server, only bitmover's site is under attack. 10+ years on the same contract, several upgrades in the meantime, all this gives me very little room that this bad intention came from there.

I also asked them for a solution to solve this problem and I got a very similar answer as I advised bitmover myself, somewhat more radical settings on cloudflare.
@joker_josue You have well suggested this for a DDoS protection service, I will talk to them about it and whether there are such possibilities.

As far as I can see, most of this bad traffic has been halted so far, CF seems to be doing its job.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
He also said the same examplens said : this could be an attack from cloudflare, to force me into a paid plan.
This falls in the same category as anti-virus companies releasing computer viruses.

The point is that you don't need an antivírus to have a computer.
But basically all big websites runs on cloudflare (most that i know of), not because they want, but because someone always is attacking who doesn't use it.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
@LoyceV: Hm. I guess you are right on this one. However, I think the packet contens themselves don't need to be inspected, but just the TCP/IP metadata. That is not encrypted and will take care of everything up to Layer 7 attacks. For that, you can just measure the frequency of requests made to a particular URL (since that is unencrypted too).
How are you going to distinguish between me, who tries to access DDOSed site 5 times an hour to see if it's back up, and 5 million bots who each send one request per hour to the site?

He also said the same examplens said : this could be an attack from cloudflare, to force me into a paid plan.
This falls in the same category as anti-virus companies releasing computer viruses.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
[Now, I think this is a bit of a conspiracy theory. Because there are companies competing with Cloudflare, and therefore, the person can simply switch to another company, as the plan they are using at Cloudflare is not delivering as promised.

There aren't many companies competing with cloudflare.like  aws and azure and a fee more, buy Cloudflare is the most used.

I use the free cloudlfare plan now.
Their cheapest plan is 200 usd per year.

Alternatives exist, but they may not have free plans with the same quality.
Does your hosting company not offer a DDoS protection service, for example? Of course, it never guarantees 100% security, but it is always another protective barrier.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
[Now, I think this is a bit of a conspiracy theory. Because there are companies competing with Cloudflare, and therefore, the person can simply switch to another company, as the plan they are using at Cloudflare is not delivering as promised.

There aren't many companies competing with cloudflare.like  aws and azure and a few more, but Cloudflare is the most used.

I use the free cloudlfare plan now.
Their cheapest plan is 200 usd per year.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
I was talking with a friend owns a somewhat big domain in Brazil.
He said people do this kind of attacks and usually ask money to stop the attack.

He also said the same examplens said : this could be an attack from cloudflare, to force me into a paid plan.

I've never heard of this, but I've also never researched the topic. So I'm not going to say it won't happen.

Now, I think this is a bit of a conspiracy theory. Because there are companies competing with Cloudflare, and therefore, the person can simply switch to another company, as the plan they are using at Cloudflare is not delivering as promised.

Either way, I just hope that you can resolve these problems, and that everything is back to normal. If we can do something on this side, feel free.  Wink
hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange
I was talking with a friend owns a somewhat big domain in Brazil.
He said people do this kind of attacks and usually ask money to stop the attack.

He also said the same examplens said : this could be an attack from cloudflare, to force me into a paid plan.

Where I live, when communism ended, insurance companies offered to protect and insure you against their own henchmen when you had a business lol Cheesy
I think that's exactly what CF is doing in our case, I agree with examplens idea... I can imagine some DDOS attacks blackmailing dark net markets as they already are "XMR/BTC savvy" and generating a lot of money (perfect targets for this kind of activities IMO), but I'd be surprised if that was the case for a niche website like yours even if it is crypto-related.

I hope you get the hang of it soon bitmover!
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
Well, I am under a DDOS attack. Even cloudflare couldn`t stop it. I switched to a far more aggressive configuration now.
I don't understand what would be the reason for attacking Bitmover website, unless they are just training and randomly attacking everyone they can, especially if website has some connection with Bitcoin  Tongue
Sometimes I think that hosting providers are somehow involved in attacks like this, in this way they are forcing you to upgrade and buy more expensive packages.

I happened to think the same.

I don't know how you are managing the server, bitmover. But, I think you need to review this hosting company, as it could be a company that attracts these types of attacks.

Review your API code to check if there is anything that could be attracting the attention of these bots.

I was talking with a friend owns a somewhat big domain in Brazil.
He said people do this kind of attacks and usually ask money to stop the attack.

He also said the same examplens said : this could be an attack from cloudflare, to force me into a paid plan.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
Well, I am under a DDOS attack. Even cloudflare couldn`t stop it. I switched to a far more aggressive configuration now.
I don't understand what would be the reason for attacking Bitmover website, unless they are just training and randomly attacking everyone they can, especially if website has some connection with Bitcoin  Tongue
Sometimes I think that hosting providers are somehow involved in attacks like this, in this way they are forcing you to upgrade and buy more expensive packages.

I happened to think the same.

I don't know how you are managing the server, bitmover. But, I think you need to review this hosting company, as it could be a company that attracts these types of attacks.

Review your API code to check if there is anything that could be attracting the attention of these bots.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science

@bitmover, it looks like you messed up FeeBuddy with more aggressive settings on CloudFlare. I didn't see any posts from that side today.


Thanks.
I blocked all bots. Somehow, cloudflare is blocking bots from its own domain, but bots from other regions are still attacking.... I will see what I can do
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
Sometimes I think that hosting providers are somehow involved in attacks like this, in this way they are forcing you to upgrade and buy more expensive packages.


I guarantee that it is not up to the hosting provider in this case.  Wink
Other sites (hosted with bitmover's site) do not have this problem, and from 01.01.2024 it is on a slightly more expensive package.


@bitmover, it looks like you messed up FeeBuddy with more aggressive settings on CloudFlare. I didn't see any posts from that side today.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Maybe examplens is right, and cloudflare is attacking so I get a paid plan.

That doesn't make any sense either. I've never had any of my web properties attacked by cloudflare in order to make me pay up.

@LoyceV: Hm. I guess you are right on this one. However, I think the packet contens themselves don't need to be inspected, but just the TCP/IP metadata. That is not encrypted and will take care of everything up to Layer 7 attacks. For that, you can just measure the frequency of requests made to a particular URL (since that is unencrypted too).
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
It seems to me that the attack has slowed down a bit now.
I hope that the sharper configuration of CF will not cause problems with the operation of the tools, considering that they are all automated.

....

I wouldn't be surprised if it's a CloudFlare tactic to push him to a paid plan.

Thanks for your support examplens.

Attack has slowed, but looks to be increasing again


They are attacking basically the api. All attacks go to bitcoindata.science/api/.....



On another topic, I have updated the balance checker tool, so it supports QR Codes now.



https://bitcoindata.science/bitcoin-balance-check

This was a Hhampuz request, and I think it is very useful


Well, I am under a DDOS attack. Even cloudflare couldn`t stop it. I switched to a far more aggressive configuration now.
I don't understand what would be the reason for attacking Bitmover website, unless they are just training and randomly attacking everyone they can, especially if website has some connection with Bitcoin  Tongue
Sometimes I think that hosting providers are somehow involved in attacks like this, in this way they are forcing you to upgrade and buy more expensive packages.


Maybe examplens is right, and cloudflare is attacking so I get a paid plan.
legendary
Activity: 2212
Merit: 7064
Well, I am under a DDOS attack. Even cloudflare couldn`t stop it. I switched to a far more aggressive configuration now.
I don't understand what would be the reason for attacking Bitmover website, unless they are just training and randomly attacking everyone they can, especially if website has some connection with Bitcoin  Tongue
Sometimes I think that hosting providers are somehow involved in attacks like this, in this way they are forcing you to upgrade and buy more expensive packages.
Pages:
Jump to: