Silk Road forums

Support => Technical support => Topic started by: snickerlover6969 on November 15, 2012, 07:13 pm

Title: Please stop trying to connect to SR!! PLease READ!!
Post by: snickerlover6969 on November 15, 2012, 07:13 pm
I posted this in the "we're possibly under attack" thread, but I'm posting it again under it's own topic because I think it's important:


C'mon people.  Of COURSE Silkroad is under a MASSIVE DDOS attack right now.  I can tell you exactly who's doing it too.  It's the USERS OF SILKROAD!  Everybody is trying to log in all at once.  The more you keep hitting try again, the more you're part of the problem.  Let's be smart about this.

Window shoppers (like me): DON'T EVEN TRY TO LOGIN.  AT ALL.  I'm not.  Don't you do it either.  Give it until the site has been up reliably for a week or more.

Buyers looking to place orders: DON'T EVEN TRY TO LOGIN.  AT ALL.  What good will it do you if you manage to get in, place an order, send your bitcoins, and then have the site go down again indefinitely?  You'll just be out the bitcoins, since the vendor can't log in and check your order!  Give it until the site has been up reliably for a few days or even a week.

Vendors who don't have pending orders: DON'T EVEN TRY TO LOGIN.  AT ALL.  You're not helping the situation.  Give it until the site has been up reliably for a few days so you can check for new orders, which really shouldn't be happening if the buyers are courteous and waiting for the site to come back up.

Vendors who have pending orders: DON'T EVEN TRY TO LOGIN.  AT ALL.  You are part of the DDOS too.  Wait until the announcement (which hopefully goes to the vendor area first) that the site is up, then commence your part of the renewed DDOS that will happen every time that announcement goes out.  When it does, get on there, handle your current business, and get out to save on traffic.

If everyone would stop DDOSing the site by trying to log in all at once, there is a better chance of it getting up and running again.  If the site was nearly overloaded before, what do you think happens when it gets 5 times it's usual traffic with all these jerks leaving a window up and hitting try again every 5 minutes?  I have seen the enemy, and it is us.
Title: Re: Please stop trying to connect to SR!! PLease READ!!
Post by: OmNiVor on November 15, 2012, 10:19 pm
word to that! omni tried once to get on last night or early morning for him and actually got on! omni just had to FE a few arrived orders so his karma didnt feel bad at possibly leaving the vendors without coin if the site went down forever like u said and was hoping they'd be quick and get omni's and all the other buyers coins out of there wallet an outta that place as its not smelling as fresh as it used to an omni's got a good nose! (one of his past-times is digging ups lovly little eggzes) just wanted to make sure this stayed bumped tho mate and would +1 you if omni knew how/was able to lmfao but anywhoo GJ swabbing the poop deck lol it was getting smelly (no pun intended)  ;)
Title: Re: Please stop trying to connect to SR!! PLease READ!!
Post by: Ben on November 16, 2012, 01:57 am
Are real users really contributing that much to the ddos problem? I'm sure quite some people are eager to log on and give it a few tries, but that is nothing compared to what even a single attacker could send when the number of requests to the server is concerned.

Not hammering the server any further would help though, but i suppose this will require some measures.

Will, for example, auto-finalize dates be extended because of the server outage? There is no way for people to finalize and give proper feedback right now, while the auto finalize date on their order comes and goes.

Also, why keep the site available at all when its overwhelmed and not  usable at the moment? Would it not be better to send a simple html error / 'we are down' message to any visitor, which would require little server load per request? At least that would provide clarity to potential users, informing them that there are technical problems preventing them from logging in, opposed to just giving people the idea they got the captcha wrong and try to log in over and over again?
Title: Re: Please stop trying to connect to SR!! PLease READ!!
Post by: snickerlover6969 on November 16, 2012, 02:34 am
Are real users really contributing that much to the ddos problem? I'm sure quite some people are eager to log on and give it a few tries, but that is nothing compared to what even a single attacker could send when the number of requests to the server is concerned.

Not hammering the server any further would help though, but i suppose this will require some measures.

Will, for example, auto-finalize dates be extended because of the server outage? There is no way for people to finalize and give proper feedback right now, while the auto finalize date on their order comes and goes.

Also, why keep the site available at all when its overwhelmed and not  usable at the moment? Would it not be better to send a simple html error / 'we are down' message to any visitor, which would require little server load per request? At least that would provide clarity to potential users, informing them that there are technical problems preventing them from logging in, opposed to just giving people the idea they got the captcha wrong and try to log in over and over again?

It's working fine now, and it's lightning fast! Probably the fastest I've ever seen it load before. DPR had stated that Auto Finalize had been turned off sunday and monday. That would make sense to send a html error or down for maintenance message on the site, but I don't think DPR knew that it was down this morning.
Title: Re: Please stop trying to connect to SR!! PLease READ!!
Post by: Thedonkilluminati on November 16, 2012, 03:08 am
Its thunder fast right fucking now, and it used to be fast around this time  8)
Title: Re: Please stop trying to connect to SR!! PLease READ!!
Post by: Ben on November 17, 2012, 01:16 am
It seems to work fine again at the moment for me too.

Does this mean the site is back up and running, and placing orders and such should be okay again, or are further outages in the near future to be expected?

It is important to get some clarity on that for both buyers and vendors at the moment - BTC held in SR accounts are unavailable if the website is down, which could cause money to end up in limbo for quite some time. Perhaps it would be wise to set up some mechanism to recover BTC held on SR even if the main site goes down - just as a security measure guaranteeing no money is permanently lost if SR goes offline for an extended period of time for whatever reason.