Noticed that the site has been real slow today so I scrolled down on the main page and saw...


There are currently 4181 users online (https://www.ar-15.co/online.php). 28 members and 4153 guests
Most users ever online was 9,183, Today at 17:51.



That's a lot of guests ... so Mods, any idea what's pulling that much traffic here today?


ETA Number of guests has jumped considerably in the last few minutes:

There are currently 7550 users online (https://www.ar-15.co/online.php). 54 members and 7496 guests

Site has been sluggish for me today. Thought it was either my ISP or Tapatalk app.

Those site numbers seem skewed, probably some sort of bot attack.[panic]

It's the .gov keeping a watchful eye over us. You know, to keep us safe.

very slow here too

Those site numbers seem skewed, probably some sort of bot attack.[panic]

Yeah, my guess is a real weak sauce DDOS attempt by some script kiddie with a real lame bot-net.

very slow here too

Here too, that does seem like a lot. I'd vote some sort of attack as well.

Slow here too, took like 20 seconds to load this thread on tapatalk.

Slow for me too. No complaints though... Love having this place.

Slow slowly slower

Sent from my SM-T800 using Tapatalk

Something definitely isn't right. There are more people online currently than there were after the theater shooting.

Most users ever online was 9,189, Today at 20:15.

The numbers for the various subforums are interesting too: more than 50 people browsing each of the various industry partner subforums? Really? The Ammo subforum has 120+ "viewers". hmmmmmmm....

Lots of potheads wanting to buy guns and ammo apparently!

No attack...I just told a few of my closest friends to check out the site.

No attack...I just told a few of my closest friends to check out the site.

You must be a friendly guy.[AR15]

I saw Ginsue cruise through a little bit ago. Admins be fixin.

Must be those antis trying to order guns online, delivered to their door, with no background check.

I logged in and out three times. Including one restart. I thought it was my computer that was slow. This is the only site that is slow that I have visited today, so must be something going on. Now I have to go find my tinfoil hat, forgot where I put it.

I have nothing good to say. [Dunno] I was slow today too. I tried to buy some boots online. Then I ran that onyx thing to try to clean it all up.

I was posting #s a couple of years ago and no one seemed to care. Turned out to be an interweb glitch.

It's better now and the number of guests has dropped to 239. Much faster.

Yeah, my guess is a real weak sauce DDOS attempt by some script kiddie with a real lame bot-net.


I saw Ginsue cruise through a little bit ago. Admins be fixin.


I alerted J on this earlier and he tweaked the firewall a bit, but it was an attempt at a DDoS using Chinese bots coming through US provider with multiple weaknesses. I see spam accounts coming trough the same provider often and have tried to block those IP subnets, but that provider has a LOT of them.

Just got off of the phone with J and, as you can see, he seems to have tweaked the firewall enough to block most, if not all of the subnets. He's going to shoot me a list of the blocked subnets so I can run it against the forum to see if this will affect any of our members. We'll adjust as needed.

This thread was a good idea, but always remember that the quickest way to reach the staff is by using the "Report" icon.

I alerted J on this earlier and he tweaked the firewall a bit, but it was an attempt at a DDoS using Chinese bots coming through US provider with multiple weaknesses. I see spam accounts coming trough the same provider often and have tried to block those IP subnets, but that provider has a LOT of them.

Just got off of the phone with J and, as you can see, he seems to have tweaked the firewall enough to block most, if not all of the subnets. He's going to shoot me a list of the blocked subnets so I can run it against the forum to see if this will affect any of our members. We'll adjust as needed.

This thread was a good idea, but always remember that the quickest way to reach the staff is by using the "Report" icon.

Thanks, Ginsue & J - you guys rock!

I've been fighting with this a good bit this afternoon/evening. It might continue to be a bumpy ride for a bit, until our attacker gets a tired of his hijinx.

It seems that someone has found a vulnerability in a large colocation provider. We have received several moderate level DoS attacks at various times today. Unfortunately, the provider that has been compromised has many servers, over almost a dozen locations, so it has been difficult to lock that host out of the firewall entirely in a preventative process. Like many CoLo providers, they have acquired sporadic/random class Bs and Cs from their upstream (and LARGE) ISPs as needed, that would lock out many members with a wide scale rule in the firewall.

We have been locking out individual class C subnets reactively as attacks present themselves. I am also contracting this provider with what data I have, in hopes they can assist. Unfortunately, it probably isn't servers directly administered by this provider, but those of a client that rents space from them.

Hopefully it starts performing better with the newest round of firewall drop rules.

Thanks, Ginsue & J - you guys rock!

+1

J did the work, I just gawked. (Window licker sort of thing)

Much faster now!

please send the attackers an attack of gay porn if possible to let them know our displeasure of their actions.

Much better, thanks J and everyone else involved.

Thanks J, Much better now.


Maybe this is a good opportunity to remind everyone that this is a FREE forum with NO BANNER ADS. Maybe we can express our thanks to J and others with a nice "thank you" gift of some sort.

J, Ginsue, other Mods/Admins: who pays for the hardware (servers and such) as well as other miscellaneous expenses to keep the site running? Can we donate directly to this person(s) via paypal or similar means?

Thanks, Ginsue & J - you guys rock!

Plus 1


Thanks J, Much better now.


Maybe this is a good opportunity to remind everyone that this is a FREE forum with NO BANNER ADS. Maybe we can express our thanks to J and others with a nice "thank you" gift of some sort.

J, Ginsue, other Mods/Admins: who pays for the hardware (servers and such) as well as other miscellaneous expenses to keep the site running? Can we donate directly to this person(s) via paypal or similar means?

I've brought this up before.....about donating to the contribution thread list..thingy.

You'd think I'd have told every member they were going to get a pay cut in their salary for a year. Deaf ears, HB.

I should kick a buck though, it's been a bit.

Thank you guys.

Something definitely isn't right. There are more people online currently than there were after the theater shooting.

Heh ... some day one of us is going to notice that "Most users ever online" record and say "hmm ... what was going on on the 27th of December back in 2015 to bring all that traffic here?"


This thread was a good idea, but always remember that the quickest way to reach the staff is by using the "Report" icon.

Will remember that for next time.

What happened to that "contribute thread" ?

I don't remember where it's at.

Potential members, welcome!

I, for one, welcome our new overlords!


Funny pic that I'm too lazy to embed: http://static.ddmcdn.com/gif/blogs/6a00d8341bf67c53ef0147e2a2c381970b-800wi.jpg

[Flower]



What happened to that "contribute thread" ?

I don't remember where it's at.
I don't know what happened to it, but this thread can serve as a new reminder.



I would like to contribute a few dollars. I abuse the hell out of the staff on a daily basis!
[Coffee]

Great work J and Ginsue, thank you.

Much faster now!

please send the attackers an attack of gay porn if possible to let them know our displeasure of their actions.

What if they're into that kind of stuff and come back for more?

[not-worthy]

You guys rock, keep up the good work.

I've noticed a couple of sites getting really slow and having lots of errors lately. Somebody is stepping up their game. Thank you Mods for putting in the work you do, especially this time of year.

Maybe this is a good opportunity to remind everyone that this is a FREE forum with NO BANNER ADS. Maybe we can express our thanks to J and others with a nice "thank you" gift of some sort.
No need to remind us. TPTB do a great job here. Point me in a direction and I'd gladly donate. [2cents]

Yeah I am on with a donation button of some sort. Where is it hiding?

It's definitely been a while since I threw some cash out there for this site. I love this site and wouldn't want to see it go away. Where's the link?

We tried to get a link last time, but in the end could never raise enough to buy one.

I thought it said "lunkers". I was expecting a fishing report.

Former poster.. new lurker.. I don't get what the big deal is. [Coffee]

Geesh, I talk about our site a little over on MOMS DEMAND and Bloomberg and look what happens.......

Geesh, I talk about our site a little over on MOMS DEMAND and Bloomberg and look what happens.......

I BLAME YOU! [ROFL1]

Thanks everyone. We took down the donations page a bit back because we had what we needed at the time. The drive crashes in Feb/March and hosting fees from this year have added up a bit, so we will discuss amongst the staff opening up the donations system again for a while. Stay tuned. Thanks for the offers of help!

--J

The short downtimes are me trying to flush some of the surged connections after I add drop rules to the firewall. Getting some more attacks tonight. Not as bad as Sunday...

Might be a couple of short outages as I continue to fight this/these douche(s).

Thanks J for your work.

I have Zero skill in what it takes to deal with this garbage. Good job, J.

Keel them all. Bastages messing with our hang out.

Sent from my SCH-I545 using Tapatalk

Need to redirect them somewhere that's interesting... If you knew who was behind it, you'd know better what would be "interesting" to them.

Newbie to the forum here..... I generally don't donate to a forum when I first register, but seeing as you all are unfortunately stuck with me for a while (I've found a nice little corner with my name on it). I would be glad to make a donation.

Newbie to the forum here..... I generally don't donate to a forum when I first register, but seeing as you all are unfortunately stuck with me for a while (I've found a nice little corner with my name on it). I would be glad to make a donation.

Hey, that's mah cornah, you filthy Ho... [ROFL1] Welcome to the asylum!

He was cold...

Then went to the corner because it was 90 degrees... [facepalm]

He was cold...

Then went to the corner because it was 90 degrees... [facepalm]


Dadum-tish... [LOL]

Need to redirect them somewhere that's interesting... If you knew who was behind it, you'd know better what would be "interesting" to them.
Just redirect them all to MSNBC. That'll teach 'em!


Or maybe something more useful, like the Hillsdale College free US Constitution online course (which is excellent, BTW).

Just redirect them all to MSNBC. That'll teach 'em!


Or maybe something more useful, like the Hillsdale College free US Constitution online course (which is excellent, BTW).

Maybe the FBI.gov site?

Maybe the FBI.gov site?


I like the way you think!



How about the NSA cyber threat tip line?
[Coffee]

It doesn't look like we have the "lurkers" anymore but the site is still running really slow for me the last day or 2? How is it working for everyone else?

/

It doesn't look like we have the "lurkers" anymore but the site is still running really slow for me the last day or 2? How is it working for everyone else?

/

Same for me. Phone or desktop.

It doesn't look like we have the "lurkers" anymore but the site is still running really slow for me the last day or 2? How is it working for everyone else?

/
slow no matter what device I'm on


Sent by a free-range electronic weasel, with no sense of personal space.

Good luck dealing with it guys. I hate website support.
Does something like cloudflare, etc. work well for a forum? I know when we enabled it for a couple of our sites, we ended up with a lot less malware/attack maintenance, but they are pretty static sites.

Yup-still slow here too.

Sllooooooooooooooooooooooooooooooooooooooowwww...

Better than the other day but still slow for me too.

I've been fighting with this a good bit this afternoon/evening. It might continue to be a bumpy ride for a bit, until our attacker gets a tired of his hijinx.

It seems that someone has found a vulnerability in a large colocation provider. We have received several moderate level DoS attacks at various times today. Unfortunately, the provider that has been compromised has many servers, over almost a dozen locations, so it has been difficult to lock that host out of the firewall entirely in a preventative process. Like many CoLo providers, they have acquired sporadic/random class Bs and Cs from their upstream (and LARGE) ISPs as needed, that would lock out many members with a wide scale rule in the firewall.

We have been locking out individual class C subnets reactively as attacks present themselves. I am also contracting this provider with what data I have, in hopes they can assist. Unfortunately, it probably isn't servers directly administered by this provider, but those of a client that rents space from them.

Hopefully it starts performing better with the newest round of firewall drop rules.

No clue what you just said, but boy we are glad to have you.

Still slow here or is it just me ?

Still slow...but better than a couple of days ago [Coffee]

Been a member of some boards that the only "solution" was to restrict access to registered users and block new requests until things calmed down. A really ugly, if effective method.

That's racist! You can't ban all Muslim's, I mean lurkers, until we figure this out.

Still slow here or is it just me ?

Yeah pages take a while to load lately. At least we are running. I get the shakes when I can't access this place every 30 minutes.

Yeah pages take a while to load lately. At least we are running. I get the shakes when I can't access this place every 30 seconds.

FIFY... [ROFL1]

That's racist! You can't ban all Muslim's, I mean lurkers, until we figure this out.
I think we should ban everyone who doesn't know how to properly use an apostrophe.
[Coffee]

Maybe lurkers in burqas?


https://en.wikipedia.org/wiki/Burqa

Not gonna give out infrastructure details in public... but it's being worked on gents.

I have a client in the same rack that was targeted with us, and they are still suffering some symptoms too. It's difficult to troubleshoot quickly as some things are network layer, and business critical apps behind the network need careful planning for any downtime.

It might be another week or so, and hopefully not two, but possible. But I'm making moves with spare hardware and a couple new purchases to make everything more snappy, resilient against attacks, and silod to help in the future.

If you need financial help with hardware, I (and many others) are just waiting to help. Thanks again for your tireless efforts!

OH MY GOD EVERYTHING IS SO FAST NOW MY BRAIN CANNOT KEEP UP WITH MY CLICKS

Thanks for all the hard work guys! much appreciated!

If you need financial help with hardware, I (and many others) are just waiting to help. Thanks again for your tireless efforts!

This.

This.
yes, again.

Much better. Where is the collection plate?

I'll get it back up in the next week or so. I really appreciate the offers for help. We never put it back up after the last little crash, and I don't want to rush it and miss a security issue. When we have donations up, I like to double check to make 100% sure it is secure and credit card info isn't vulnerable at all before it goes public.

Don't worry about it J, I can afford a bit of identity theft/fraud here and there. I'll just post up my card number and take it down around 5pm tomorrow.

J, thank you so much for all the hard work.

I'll get it back up in the next week or so. I really appreciate the offers for help. We never put it back up after the last little crash, and I don't want to rush it and miss a security issue. When we have donations up, I like to double check to make 100% sure it is secure and credit card info isn't vulnerable at all before it goes public.

Could you PM me information as to who and where to send a donation. Check or MO........

Thank you. I appreciate the work that done.

OH MY GOD EVERYTHING IS SO FAST NOW MY BRAIN CANNOT KEEP UP WITH MY CLICKS
Hey there now! You've been here long enough to know that sarcasm towards Mods can get you temp banned, right?.........

OH MY GOD EVERYTHING IS SO FAST NOW MY BRAIN CANNOT KEEP UP WITH MY CLICKS


Hey there now! You've been here long enough to know that sarcasm towards Mods can get you temp banned, right?.........

Naw, you gotta know the Badger...he was being totally serious.

Yhea, whatever was going on, it's fixed, at least for me!

O2

Naw, you gotta know the Badger...he was being totally serious.
[Abused]

OH MY GOD EVERYTHING IS SO FAST NOW MY BRAIN CANNOT KEEP UP WITH MY CLICKS

DITTO!

(I figured the firewall rules were helping to protect, but killing response time.)

Don't worry about it J, I can afford a bit of identity theft/fraud here and there. I'll just post up my card number and take it down around 5pm tomorrow.

Please include your SSN.

Wow. Really peppy tonight. Great work gents!

Its fixed, for now. Still planning on some shuffling and reconfiguration of the rack at the datacenter. Will be a few weeks until that is done, but it should be good and fast for now, and should be way more bullet proof after the coming changes in a few weeks.

We need an MIB reference.

"All hail J, all hail J"!

Now I can stop kickin the dog and beatin the wife.[emoji33]

Sent from my SCH-I545 using Tapatalk

Thanks J. We appreciate you.

[Bow]

We need an MIB reference.

"All hail J, all hail J"!

I'm kinda partial to L myself ... [Coffee]

63234

Back to slow as molasses in January for anyone else?


Sent by a free-range electronic weasel, with no sense of personal space.

Must be you, my old azz equipment is zippin all around the board.

Sent from my SCH-I545 using Tapatalk

Doing fine here.

Yep. This is one of the fastest sites I use.

Fastest I've seen this site in a couple weeks. Of course, I'm literally the only person browsing right now...


There are currently 1 users browsing this thread. (1 members and 0 guests)
Ridge

Forget the sarcasm smilie, or are you literally the dumbest IT guy here? :D

There are currently 281 users online (https://www.ar-15.co/online.php). 134 members and 147 guests

Not the dumbest, just not the one that can read the best. Plus, I was posting from a laptop at work :P

Back to slow as molasses in January for anyone else?


Sent by a free-range electronic weasel, with no sense of personal space.

You need to uninstall the DOJ monitoring software from your phone, you picked it up when you were surfing redtube

You need to uninstall the DOJ monitoring software from your phone, you picked it up when you were surfing redtube

It's an iPhone. Don't you know those are impervious to everything? Just ask the fanbois


Sent by a free-range electronic weasel, with no sense of personal space.

You need to uninstall the DOJ monitoring software from your phone, you picked it up when you were surfing redtube

redtube -- is that home videos for commies like Bernie Sanders?