Thanks! Yes, we are improving our firewall rules and this week we expect everything to be running smooth again.
Thanks! Yes, we are improving our firewall rules and this week we expect everything to be running smooth again.
Regarding 1, the attack has been going on for weeks, and now the attacker shifted to using mostly ToR exit nodes on the clearnet, so some users reported that it is not always that they can access the website when using exit nodes, sometimes they get blocked because of the rate limiting that is in place to fight off the DDoS. But we can see the attack on localhost as well (actually spamming on localhost), which indicates the attacker is also using onion connections to attack us. This is a fact. Some people from the community suggested we implemented some solutions on onion, and we are going to look into it this week.
Regarding 2, that’s exactly what is happening, as other services are also being affected see https://status.torproject.org/; As we said, we are a small team and we are working into solving all issues this week. We’ve been providing the community with good services for quite a while, and we hope to normalize the situation once we improve our defenses.
Network Performance Issues v3 Onion Services “We’ve been experiencing an unusually high load on the Tor network during the last couple of weeks, which impacts the performance of onion services and non-onion services traffic. We are currently investigating potential mitigations.”
We are just updating the community to let people know that services are disrupted right now, not working 100%. We need to be open about this otherwise users will complain asking why we did this or that, so we are just being transparent. We also need to let users know there are fake websites running because we have already seen some users lose money to these scams, so this is quite important. About what you also said, yes, many other onion websites are suffering attacks as well. I believe eXch was suffering DDoS too, among others.
We have not yet implemented PoW, as our team is small and we are trying to mitigate the attack on clearnet first, since most users come from there. But yes, some nice people already suggested this, and we’ll look into it this week.
Thanks for the kind words. Tomorrow our team will be 100% focused on these tasks! By the way, Monerokon was great! A lot of good people there, an outstanding community!
Hey there, Trocador.app team here.
First of all, we fully get OP’s concern about Cloudflare, and it would be very hard for us to argue against the gist of their argument. There’s a good reason we don’t have Cloudflare as part of our standard operations. However, that means we must implement our own defences against such attacks. We are fine with that. After all, that’s enough most of the time. As anyone running a web service in our community knows, we’ve all been increasingly targeted with DDoS attacks. Here at Trocador, we’ve had our fair share of them over the last few months, and we’ve been managing well in our estimate, given our team size. However, last week’s incident was something different. We were faced with the option of keeping the service down, or temporarily switching to Cloudflare in an attempt to keep the services running while we hardened our infrastructure. The switch was successful in mitigating the attack’s effects, and we kept the platform up. We are aware this is far from ideal to a significant share of our users. That is why we did our best to keep our Tor service operational throughout the attack. Ideally we would have implemented a message on our main page so our users are aware, but most of our team has been busy with Monerokon the past few days. Perhaps that’s why the attack was initiated in the lead-up to the event. But who knows… lesson learned!
Our aim is to switch back to normal operation as soon as the attack is over. Unfortunately this attack seems to be much more targeted than previous ones, and has been going on for many days already.
The Monero community has been great as always, and some very competent individuals have reached out to offer guidance and assistance. We’re currently working on improving our defences, and we’ll be off Cloudflare again very soon, probably in the next couple of days if our strategy works. We were expecting to leave CF today, which would have been only 6 days total using them, but this also depends on our team managing to solve all issues before that, and again, most of our staff is on Monerokon.
We tested on Tor and it worked, but now we could replicate the issue with i2p. Some time ago we introduced a cookie that would force connections to be routed through https (with cryptography) instead of http, so I imagine this cookie was causing this error. Now we removed it. Can you check if now it’s working? We came to the conclusion that this cookie was not needed because we have other code that automatically route connections to https when that’s available.
Hey tusker, we could not replicate the issue. Are you still getting that bug? please reach us on telegram if you are. Sorry for not seeing this message before.
Hey friend, sorry for your issue. Today was a crazy day, many people desperate, panic selling. Amazingly, only 40% were panic selling, and around 60% were actually buying Monero. In any case, the turmoil was enough that many users experienced delays. In case your issue is still not solved, please contact us on Telegram (TrocadorSupportBot) or on our matrix channel (https://matrix.to/#/#Trocador.app:matrix.org) and our support team will help you out.
Hey team, we are glad to be part of your journey.
Someone said we should run a separate server to work as a load balancer and generate these captchas as they might consume processing from the server. We’ll look into it. Thanks!