Comment by herbst
9 hours ago
That was possible when a DDos was usually still an occasional attack by a bad actor.
Most time I get ddosed now it's either Facebook directly, Something something Azure or any random AI.
9 hours ago
That was possible when a DDos was usually still an occasional attack by a bad actor.
Most time I get ddosed now it's either Facebook directly, Something something Azure or any random AI.
That sounds like an app-level (D)DoS, which is generally something you can mitigate yourself.
It's harder when it's a new group of IPs and happens 2-3x every month.
And if you do rule based blocking they just change their approach. I am constantly blocking big corps these days, barely any work with normal bad actors.
And lots of real users time wasted for captchas.
How (or to what end) would Facebook want to directly DoS someone?
What do they even have an spider for? I never saw any actual traffic with source Facebook. I don't understand either, but it's their official IPs, their official bot headers and it behaves exactly like someone who wants my sites down.
Does it make sense? Nah, but is it part of the weird reality we live in. Looks like it
I have no way of contacting Facebook. All I can do is keep complaining on hackernews whenever the topic arrises.
Edit:// Oh and I see the same with Azure, however there I have no list of IPs to verify it's official just because it looks like it.
I got DoS'd by them once, email not HTTP traffic though. Quick slip of their finger and bam low cost load testing.