flipboard.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Welcome to Flipboard on Mastodon. A place for our community of curators and enthusiasts to inform and inspire each other. If you'd like to join please request an invitation via the sign-up page.

Administered by:

Server stats:

1.1K
active users

#mastoddos

0 posts0 participants0 posts today
CoffeeGeek<p>So just as an experiment, I tried reposting our Threads federated post about our Ultimate Coffee Gear Wish List here via this account.</p><p>And yup, it took our website down for a few minutes. It&#39;s still down with all the card requests as I type this.</p><p>So no more of that, sadly. </p><p><a href="https://flipboard.social/tags/fediverse" class="mention hashtag" rel="tag">#<span>fediverse</span></a> <a href="https://flipboard.social/tags/mastoddos" class="mention hashtag" rel="tag">#<span>mastoddos</span></a></p>
Max<p>So, random idea about Mastodon and WordPress sites, and the unfortunate circumstance of a link on the former often resulting in an accidental DDoS on the latter. Something that, for example, forced <span class="h-card"><a href="https://flipboard.social/@coffeegeek" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>coffeegeek</span></a></span> to not post links to their articles and <span class="h-card"><a href="https://mastodon.social/@jwz" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jwz</span></a></span> to <a href="https://www.jwz.org/blog/2024/10/mastodon-stampede-returns/" rel="nofollow noopener noreferrer" target="_blank">just block access to Mastodon crawlers entirely</a>.</p><p>Of course it's easy to blame Mastodon (partially deserved, there's steps and suggestions to make the hugs less lethal) and/or WordPress (not the fastest CMS on a good day, apart from the community drama), but what about a solution (or at least slightly better workaround)?</p><p>What if you write static HTML with just enough in there to render a preview (so the title, some og metadata, and so on, but not much else) and instruct the webserver / reverse proxy to, when the user agent implies Mastodon, serve <em>that</em> instead of handing off the request to a resource hungry CMS?</p><p>Even if you get a couple of thousand requests dogpiling in, if it's just static content, you should be able to handle that on anything more powerful than a potato, right?</p><p>So that's an addition to your CMS (to write the static files on creation/change) and a few lines in your <code>.htaccess</code> or webserver config, and you're done. The static content shouldn't take <em>that</em> much room, and either way storage is cheaper then having your server hugged to death.</p><p>And yes, this shouldn't be the problem that it currently is, this should be solved on the Mastodon end and not by the individual website owners. But here we are.</p><p><a href="https://toet.dnzm.nl/tags/mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodon</span></a> <a href="https://toet.dnzm.nl/tags/mastoddos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastoddos</span></a> <a href="https://toet.dnzm.nl/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wordpress</span></a></p>
CoffeeGeek<p>I have to stop posting active links to our content on Mastodon. </p><p>Every time I do so now, it brings down our website for up to 5 minutes.</p><p>We&#39;ve tried pretty much every claimed fix, including third party caching (which in turn breaks other elements of our website&#39;s dynamic display abilities), code changes and such on our back end code, and more stuff I don&#39;t understand at all (but have spent money paying our WP developer to implement). None of it has worked. </p><p>The <a href="https://flipboard.social/tags/fediverse" class="mention hashtag" rel="tag">#<span>fediverse</span></a> powers that be need to fix this growing problem of the <a href="https://flipboard.social/tags/MastoDDos" class="mention hashtag" rel="tag">#<span>MastoDDos</span></a> effect on websites. The more followers and more servers your followers are from, the more impact this has on literally bringing a website to its knees with all the DB calls.</p><p>For instance, this morning, I posted the lovely article our creative writer Ethan wrote, which ended up only getting 2 boosts and one &quot;favourite&quot; here, but it brought down our website for 4 minutes and 12 seconds. </p><p>That&#39;s not sustainable.</p>
Шуро<p>Случайно узнал о забавном явлении <a href="https://friends.deko.cloud/search?tag=MastoDDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastoDDoS</span></a> (вот <a href="https://news.ycombinator.com/item?id=40222067" rel="nofollow noopener noreferrer" target="_blank">тут</a> есть подробнее с другими пострадавшими).</p><p>Если кратко, то проблема такая:<br>- популярный блогер вешает ссылку на статью на своём сайте в Феди<br>- его пост распространяется на серверы подписчиков и все эти серверы идут по ссылке и стягивают превьюху<br>- сайт под нагрузкой ложится, ведь туда за короткое время прилетела пара десятков тысяч одинаковых запросов, причём лежать может довольно продолжительное время</p><p>Даже не представлял, что такое возможно, ведь запросы небольшие, разовые и одинаковые, да и сколько этих узлов в Феди наберётся активных, тысяч двадцать? Но поскольку у всех динамические движки, скрипты и картинки в изобилии, то этого хватает, даже Клаудфларь не справляется, поэтому просят решить проблему со стороны Мастодона (правда, непонятно как).</p><p>Вспомнился Синдром Кесслера, но для веба.<br><a href="https://friends.deko.cloud/search?tag=%D0%9F%D1%80%D0%B5%D0%BA%D1%80%D0%B0%D1%81%D0%BD%D0%BE%D0%B5%D0%9D%D0%B0%D1%81%D1%82%D0%BE%D1%8F%D1%89%D0%B5%D0%B5" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ПрекрасноеНастоящее</span></a><br>RE: <a href="https://flipboard.social/users/coffeegeek/statuses/113030436873628885" rel="nofollow noopener noreferrer" target="_blank">flipboard.social/users/coffeeg…</a></p>
Jeremiah Lee<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@hrefna" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>hrefna</span></a></span> <span class="h-card" translate="no"><a href="https://flipboard.social/@coffeegeek" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>coffeegeek</span></a></span> The devil is in the defaults… I had the same problem with my generic WordPress site until I enabled Automattic’s WP Super Cache plug-in. Perhaps the best way WordPress could support the social web is for it to improve its caching defaults for bursty traffic in general.</p><p><a href="https://alpaca.gold/tags/MastoDDOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastoDDOS</span></a></p>
CoffeeGeek<p>So some bad news regarding our account here on Mastodon and the <a href="https://flipboard.social/tags/Fediverse" class="mention hashtag" rel="tag">#<span>Fediverse</span></a> </p><p>I&#39;m going to have to suspend, at least for now, posting any links to content on our website on this platform. The <a href="https://flipboard.social/tags/MastoDdos" class="mention hashtag" rel="tag">#<span>MastoDdos</span></a> effect is only getting worse, and it now brings our website down for a solid 5 to 7 minutes everytime I post a URL. We&#39;ve tried to fix this on our end, without any real luck. Caching, Cloudfare, etc etc. None of it works. </p><p>What I&#39;ll do instead is post links to our Threads account when new content is posted on our website. A bit of a weird fix, but until the infrastructure in the fediverse evolves to deal with this growing problem, I can&#39;t have our website go down that often. It has further unintended side effects (like harming our SEO ranking).</p><p>Of course, I&#39;ll still be participating here daily on coffee subjects!</p>
CoffeeGeek<p>I wonder if Goog is blocking card delivery to mastodon because of the mastoddos attacks whenever cards are called by the fediverse.</p><p>Just another reason for the powers that be in the fediverse structure to get their shite together, re cards and urls. ;) </p><p>My own website goes down for about 2-4 minutes after I post any URL from CoffeeGeek. <a href="https://flipboard.social/tags/mastoddos" class="mention hashtag" rel="tag">#<span>mastoddos</span></a></p>
CoffeeGeek<p>I think I have to stop posting links to CoffeeGeek here on Mastodon until this mastoddos thing is solved by the powers that be.</p><p><a href="https://flipboard.social/tags/mastoddos" class="mention hashtag" rel="tag">#<span>mastoddos</span></a></p>
CoffeeGeek<p>Request for info from folks familiar with <a href="https://flipboard.social/tags/CDN" class="mention hashtag" rel="tag">#<span>CDN</span></a>, <a href="https://flipboard.social/tags/Cloudfare" class="mention hashtag" rel="tag">#<span>Cloudfare</span></a>, <a href="https://flipboard.social/tags/DDos" class="mention hashtag" rel="tag">#<span>DDos</span></a> and the <a href="https://flipboard.social/tags/mastoddos" class="mention hashtag" rel="tag">#<span>mastoddos</span></a> phenomenon.</p><p>Is there specific settings we should be looking at, in setting up our CDN specific to the heavy load mastodon throws our way when I post a url here?</p>

Apropos of nothing - this is what happens to my homepage website *every time* someone boosts one of my posts, simply because I have it linked into my profile.. I will do another #MastoDDos blog post on this when I get around to it, as the traffic to my site is something else - bursts of 300-odd requests in a few seconds :)

I mean my site can handle it now but I'm guessing not everyone's can. And this will only get worse as more server instances are added - I don't even have many followers!

I think I've uncovered a second #mastoddos effect. I recently added a little website link to my Mastodon profile, and now every time I post, or reply, it gets a stack of GET requests for the home page.

Earlier today I got a reply from @Gargron which obviously will have gone to a huge number of Mastodon servers - my poor little web box couldn't cope - it looks like it's had something close to 2000 requests within a few seconds.

The URL wasn't referenced in the post, only in my profile.