Can we set up VOAT mirrors?
19 30 Jul 2019 22:15 by u/CTCZ
I did some basic research and found it may not be a large technical challenge to mirror the site.
There are multiple ways to achieve this goal it seems. And multiple people could do it independently using different techniques.
My questions to the programming group:
* If mirrors were set up and refreshed well enough to act as a read-only temporary location, would it help alleviate the DDOS attacks? Would the presence of live mirrors thwart the incentive for DDOS? I think it would, but I'd like your input.
* If mirrors can be used to thwart the incentive for DDOS, are there downsides to having these mirrors set up?
If it's only a matter of buying a domain name like www.myVOATmirror.com and hosting package from Dreamhost to make mirroring a pushbutton operation, I think it is likely we can get a few people to do this exercise.
38 comments
9 u/DeputyPutt 30 Jul 2019 23:07
Mirrors will go down as well.
Technically, CloudFlare (Voat is hosted on it, or it's sitting in front of the actual Voat server) is a Content Delivery Network (CDN). Putt also has anti-DDOS options turned on, which is why you see the "Checking your privilege" screen.
Unless you're going to do the same, and spend a decent amount of money, your site will go offline in seconds and you'll either be shut down for an entire month of bandwidth or have a very large bill for overages.
Putt's making attempts at pushing off the attacks and this happens at least once a year. Unless you really want to spend your money on hosting and anti-ddos options, let Putt handle it. It sucks but each time they do this, he learns other sneaky ways to stay online a little longer. Technically he could turn this whole thing into read-only and use something like Memcached, but that just defeats the purpose of us talking. I'm guessing it's why we saw (at least I did) "this is a cached copy" message during the day yesterday or such.
Source: I delete my accounts once in a while and have been here since Pao pulled her crap on Reddit a few years ago, this isn't my first rodeo here. I'm also a computer security guy.
Edit: Stupid letters sneaking in when they shouldn't.
0 u/CTCZ [OP] 31 Jul 2019 13:51
Forgive my ignorance, but why would mirrors go down as well? I don't understand why you think an attack on CloudFlare would somehow impact non-CloudFlare sites. A cursory search on DreamHost's site (I'm not recommending them, just referencing them for this exercise) shows that CloudFlare "optimization" is both optional and a paid-for add-on. So one can set up a mirror without CloudFlare.
As a mirror creator, I don't even need to mirror the whole site. I could mirror my favorite 10 subverses. Another user can mirror their favorite subverses.
DreamHost (again just referencing, not recommending) offers "Virtual Private Server" hosting with unlimited bandwidth for 10 federal reserve notes a month. Why wouldn't such a hosting plan be sufficient for this purpose?
Not trying to be argumentative or disrespectful. Just honestly looking for a reason why a read-only mirror would need anything more than something simple like I'm proposing.
Yes I am suggesting I can spend my own money on hosting this. What I'm wondering is whether there are technical or other barriers which would thwart this effort, or other reasons why it may not work.
0 u/DeputyPutt 31 Jul 2019 23:47
It's about bandwidth.
You get a certain amount of bandwidth available to you with any hosting package. The "unlimited" packages are limited on the CPU/Memory side. Such a DDoS will nuke your bandwidth and make your server use up all that memory and CPU. Thus, you'd get kicked for abuse.
I'm not saying "no, you can't", but more "you shouldn't" and it's more for your resources.
On top of that, your requests from the same IP, even if slow, without account activity may show up as an attacker since you'd be coming from a hosting farm. The worst DDoS' come from computers that are taken over and they fully look like standard visitors. Since Putt nuked entire net ranges of countries, they were probably from bots running on machines in those areas. This time, I haven't a clue as I haven't caught up on the latest post nor will he give much info (as he shouldn't).
And no offense taken. I'm just trying to save you some money.
0 u/CTCZ [OP] 01 Aug 2019 01:12
Thank you for the information, friend. Appreciate the advice.
0 u/obvious-throwaway- 19 Sep 2019 00:12
Not that I'm interested in hosting, but I live in an area with unlimited gigabit business fiber with static IP for about $100/month. They allow for web hosting. A reasonable server running Linux/Apache with 64 gigs of RAM would probably take some effort to thwart. Be a good opportunity to honeypot the attackers' IPs and post some logs online to see if we can pinpoint where the attacks are coming from.
0 u/uniques 24 Sep 2019 20:33
I wish it was that simple, see; IP spoofing, ARP flooding, SYN-ACK attack, smurf attack, slow bleed ddos. To name just a few.
1 u/cantaloupe6 30 Jul 2019 23:29
Maybe look into a Tor/onion configuration. When the main site is down, fall back to it. They can't ddos that.
The info spread, search Nicole Junkermann corruption, it's widespread now.
0 u/blit416 31 Jul 2019 13:27
I dig that - Voat needs a TOR site - maybe talk to the DS guys, find out what their host is and the package they work with - their site is fast on TOR.
1 u/My_Name_is_Not_Sure 31 Jul 2019 00:08
Can’t he just block traffic from offending nations? Sorry to the legit Voaters from those areas, but fuck off.
0 u/ShakklezthaKlown 31 Jul 2019 01:47
that's why you use botnets with IP's located all over the world. too risky to ban entire IP sets without removing a ton of users as well.
0 u/My_Name_is_Not_Sure 31 Jul 2019 01:54
As a VPN user I thought the same thing immediately after submitting it. Damned if you do, damned if you don’t I suppose.
0 u/CantBuySkills 31 Jul 2019 04:22
I get what you're saying. But free speech is just as if not more important in those other nations, and having voat as a place to go for them is a good idea in my opinion.
0 u/blit416 31 Jul 2019 13:26
Geoblocking is tricky business. Yes, can be done, but it's based on registered IP blocks - doesn't always apply to the real world, and he's getting hammered from 5 different regions (minimum, right ?) .. and if it's IoT like dude suggested above then .. you can't keep ahead of it easily. You can Whitelist Canada, USA, UK, Australia, Western European Countries .. but the list becomes ungainly pretty quickly.
Ah InfoSec !
0 u/thebearfromstartrack 31 Jul 2019 00:43
If you had the money (BIG) and ran Oracle db servers I could set up a fail safe network for you, that fails over to a (possible) string of parallel db's on different hardware using different network resources, that these nerds would have to chase down, while you repaired what they've already done in their wake. Dunno if SQL server can do that. In fact you could make it (given sufficient resources) so that their attacks are invisible/transparent to the users (a chase).
Don't you even have the source (authentic) IP's this is coming from? Can't you just ban them and move on? Are they making bots out of innocent users via virus software? Couldn't you just send notice that we scan (scan regularly) for particular virus or a range of them?
HOW sophisticated are these turds? Constantly writing custom viruses or is it just off the shelf shit that the pussy boy douchebags use?
0 u/cantaloupe6 31 Jul 2019 03:25
SQL server can do the same.
It sounds like there were 6M (5.6M) requests per minute. About 93k requests per second.
0 u/thebearfromstartrack 31 Jul 2019 21:32
Thanks for the info! Sounds like you work there!
0 u/libman 31 Jul 2019 23:02
PostgreSQL runs circles around all proprietary RDBMS.
0 u/thebearfromstartrack 02 Aug 2019 00:23
Never used it. Got any published facts to benchmark those claims? Other than the obvious (cost) benefit.
0 u/libman 02 Aug 2019 00:54
You don't see many of those, perhaps because publishing benchmarks violates proprietary database EULA...
0 u/thebearfromstartrack 02 Aug 2019 01:10
So you're saying (assuming user contributions) the fundamental features of an Oracle database of today (eg failover, clusters, direct managed tablespaces, a LOT more ) are present?
0 u/libman 02 Aug 2019 01:15
A lot of additional features are present through PostgreSQL modules (ex. PGXN) and other tools. I haven't done anything large-scale in years so do your own research.
What I do know is that most of Russia went s/Oracle/PostgreSQL/ when the sanctions hit.
0 u/thebearfromstartrack 02 Aug 2019 01:24
No way man. YOU do my research. I'm an executive type. I OWN you. Dance monkey dance! Dance for me! No really.
0 u/normal_white_kid 31 Jul 2019 02:07
Can we use fail2ban to mitigate DDOS attacks?
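An added example, not part of the original thread: it applies a per-IP request threshold of the kind fail2ban enforces to a constructed one-minute log, to illustrate the earlier comments that distributed attackers look like standard visitors. The thresholds, the addresses and the function names are all assumptions made for the illustration.

```python
from collections import Counter, defaultdict

# All thresholds are assumptions chosen for this illustration.
WINDOW = 60         # seconds per counting window
PER_IP_LIMIT = 120  # requests one IP may make per window before it is banned
SITE_LIMIT = 3000   # requests per window the origin is assumed to handle

def constructed_log():
    """Constructed sample: (timestamp_seconds, source_ip) for one minute."""
    events = []
    for i in range(40):        # 40 ordinary visitors, 10 requests each
        events += [(t * 6, f"198.51.100.{i}") for t in range(10)]
    # one noisy host sending 600 requests in the minute
    events += [(t / 10, "203.0.113.7") for t in range(600)]
    for i in range(500):       # 500 bot hosts, 12 requests each
        events += [(t * 5, f"10.{i // 250}.{i % 250}.1") for t in range(12)]
    return events

def analyse(events):
    """Apply the per-IP ban in each window, then check the load that is left."""
    per_window = defaultdict(Counter)
    for ts, ip in events:
        per_window[int(ts // WINDOW)][ip] += 1
    report = []
    for window, counts in sorted(per_window.items()):
        banned = sorted(ip for ip, n in counts.items() if n > PER_IP_LIMIT)
        total = sum(counts.values())
        after_ban = total - sum(counts[ip] for ip in banned)
        unbanned = [n for ip, n in counts.items() if ip not in banned]
        report.append({
            "window": window,
            "total": total,
            "banned": banned,
            "after_ban": after_ban,
            # highest per-IP count that stayed under the threshold
            "max_unbanned_rate": max(unbanned, default=0),
            # aggregate check: is the origin still over capacity after bans?
            "still_overloaded": after_ban > SITE_LIMIT,
        })
    return report

if __name__ == "__main__":
    for row in analyse(constructed_log()):
        print(row)
```

The per-IP rule removes only the single noisy host; tracking the aggregate rate per window alongside it is what shows the origin is still over capacity.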
0 u/Jeww 31 Jul 2019 03:04
Poal
0 u/Jeww 31 Jul 2019 03:50
Poal.
0 u/fluhthreeex 31 Jul 2019 04:06
poal yes too many i-see-cheeze-people
0 u/Jeww 31 Jul 2019 06:31
I’ve been there for months and never see people talking shit about voat beyond typical ball breaking, the hell are you talking about?
0 u/fluhthreeex 01 Aug 2019 00:02
i read 5 posts yesterday and was an expert. i read 5 more today. fuck with me now. i dare you.
0 u/Jeww 01 Aug 2019 21:28
You’re a gay man who is not straight, but indeed a homosexual of ill repute.
0 u/My10thaccount 31 Jul 2019 03:39
It was anonymous
0 u/dayofthehope 31 Jul 2019 05:47
There exists such a solution. notabug is designed to be automatically mirrored.
You can do a mirror with Dreamhost (or just wget -m) but it will be a static site.
To create a fully functional mirror of voat, you'd need the database and the up-to-date source code. Putt might not prefer to share that with somebody else, since he has invested a considerable amount of his money and resources on this website.
0 u/CTCZ [OP] 31 Jul 2019 13:33
Thanks. FWIW I was thinking of a temporary, read-only mirror, not a fully functional mirror.
0 u/dayofthehope 31 Jul 2019 13:40
I'll give it a try see if it's possible and how many megabytes it takes.
@puttitout is it ok to create a static mirror of voat? Can I download the whole site or would you consider it an abuse?
0 u/CTCZ [OP] 31 Jul 2019 14:01
What about just trying your favorite 10 subverses? If these are distributed backups, different people can have different subverses backed up. They don't necessarily need to try to capture all of VOAT.
Good question to Putt - hopefully captures with appropriate timers in place won't be considered abuse.
0 u/dayofthehope 31 Jul 2019 15:33
Just found out you can't use wget to download voat because it won't get by the DDOS protection page.
Maybe someday when DDOS goes away.
0 u/CTCZ [OP] 31 Jul 2019 15:39
10-4 thanks for the check
0 u/libman 31 Jul 2019 23:01
I've been asking this before...
I recommend generating static snapshots to IPFS.
-2 u/dieusor 30 Jul 2019 23:23
That’s a good idea. I put a mirror behind my monitor this morning.