diagram showing attackers

Podfeet.com is under a denial of service attack … maybe

You may have noticed over the last few days that from time to time you can't get to podfeet.com. The errors returned are fairly random. Sometimes it says I don't have a valid security certificate (I do). Sometimes it says there's an error connecting to the database.

With Bart's help, we've determined that something is hammering the Apache webserver. We've set up a monitoring service called 24×7, which luckily has a free 30-day trial but I may need to pony up $100/year if I end up needing to maintain it over time. My server will now push status to 24×7 so we can see graphs of what's been happening, even when it's actually down.

Bart pointed me at a cool tool called Core Tunnel (from the same fine folks that brought us Core SSH) which allows me to tunnel into podfeet.com and watch my Apache Server status. With this tool we can see what kind of requests are coming in. A normal HTTP request looks like this:

http/1.1	podfeet.com:443	GET /ccatp/ccatp-rss.xml HTTP/1.1

That's someone's podcatcher looking for the latest update to the Chit Chat Across the Pond RSS feed for the podcast.

But my server is showing LOTS of these as well:

http/1.1	www1.podfeet.com:80	OPTIONS * HTTP/1.0

which Bart says isn't normal at all.

I'm telling you all this so that you'll know that I know that something is afoot and that we're doing everything we can to figure out how to stop it. Bart says that this could simply stop on its own as mysteriously as it started. If it doesn't I may need to pay a service like Cloudflare to protect podfeet.com.

I'll be posting the NosillaCast today hopefully, and that should still work because the audio files are hosted on Libsyn and hopefully your podcatcher will just try again to get to the podcast feed file which is on podfeet.com.

If the site is down, you won't be able to follow the links in your podcatcher to see the blog posts or watch the videos natively on podfeet. You can subscribe on YouTube to see the videos by going to https://youtube.com/nosillacast and subscribing there.

If you want to be notified about problems like this, I'd like to suggest that you sign up for the Podfeet Press by going to podfeet.com and clicking the link in the top menu bar to subscribe. You'll get an email every time the NosillaCast or Chit Chat Across the Pond comes out but when catastrophes happen, you'll find out there too. I'm usually pretty good about tweeting from @podfeet and Slacking in the Show Announcement channel and Facebooking when things go awry as well, so if you want to know what I know, be sure to join the conversation.

I'm trying to be calm about this, but it's really distressing to me. Bart says to keep chanting, "No one dies if Podfeet.com is down."

Leave a Reply

Your email address will not be published.

Scroll to top