Cody R. Posted August 12, 2010 Report Posted August 12, 2010 Earlier this evening Spitfire came under a very large DDoS forcing the IP being attacked to be null routed due to it causing network degradation issues for our upstream provider. As a result we're in the midst of migrating affected shared clients to new IPs - we expect this to be finished shortly however depending on DNS changes it can take a few hours for it to fully resolve for you. We're extremely sorry for the inconvenience and are working on bringing everyone affected online ASAP. If you have a dedicated IP or are on an alternate IP or are on an alternate shared IP your website is online. This only affects a portion of users on the server..
Cody R. Posted August 12, 2010 Author Report Posted August 12, 2010 We're still in the process of migrating the websites across several IPs. We're about half way done with the sites affected.
Cody R. Posted August 12, 2010 Author Report Posted August 12, 2010 All of the websites have been migrated to the new IPs. Please allow a few hours for the DNS to propagate. It is recommended you use https://spitfire.hawkhost.com:2083 to login to the control panel for the time being. We'll be providing more information regarding the DDoS once we investigate it further.
Cody R. Posted August 12, 2010 Author Report Posted August 12, 2010 The machine is under attack again so we've had to temporarily disable one shared IP. A small portion of people may be affected while we investigate further.
Cody R. Posted August 12, 2010 Author Report Posted August 12, 2010 Everything has been stable for awhile now. We'll be monitoring everything for the evening / morning and provide updates as they become available.
Cody R. Posted August 12, 2010 Author Report Posted August 12, 2010 The machine has been stable and has been running without any issues for several hours now. It appears the DDoS has subsided. We consider this issue closed as of now.
Cody R. Posted August 12, 2010 Author Report Posted August 12, 2010 Just some information - it appears the DDoS was in excess of 10Gbit prior to the null routing of the IP.
Cody R. Posted August 15, 2010 Author Report Posted August 15, 2010 Just some information - it appears the DDoS was in excess of 10Gbit prior to the null routing of the IP. We experienced a very large DDoS in the early morning which lasted for roughly 50 minutes. We've been able to find the target and remove them from the machine so these attacks should stop entirely. The total attack size was roughly 30Gigs. We'll be monitoring the server for the next 24 hours as well as working with the data center to ensure everything is back to normal. We're very sorry for any inconvenience this may have caused.
Recommended Posts