On Saturday, November 17, 2018, Gitote.in was unavailable from 9:50 to 10:46 IST due to a distributed denial-of-service (DDoS) attack.
To note, at no point was the confidentiality or integrity of your data at risk. We are sorry for the impact of this incident and would like to describe the event, the efforts we’ve taken to drive availability, and how we aim to improve response and mitigation moving forward.
We have received traditional attack via Botnets
Requests per second: 6000 Rps
Bandwidth per second: 1 Gbps
Areas attacked: https://gitote.in, https://gitote.in/api
Between 9:50 to 10:46 IST on November 17th we identified and mitigated a significant volumetric DDoS attack. The attack originated from over a thousand different autonomous systems (ASNs) across 5000+ of thousands of unique endpoints. It was an amplification attack using the load-based approach that peaked at 1Gbps via 1 million packets per second.
At 9:50 IST our network monitoring system in Digitalocean detected an anomaly in the CPU usage and notified us on in the Slack Channel
#the-serious-room. This graph shows CPU Usage of our servers during load-attack:
We found that all requests that are attacking Gitote start with the same range(
xxx.xxx.abc.def), so we blocked the range of IPs in that range.
And we are sorry for the user who’s IP is on that range.
(we release those IPs after mitigation)
We’re going to continue to expand our servers in Digitalocean and strive to identify and mitigate new attack vectors before they affect your workflow on Gitote.in.
🚀 Share on Twitter