The blender.org servers are experiencing a DDoS attack since last weekend (opens in new tab)

(blender.org)

66 pointskefabean2y ago44 comments

44 comments

I just had to put my small hobby OS development site behind cloudflare after 23 years without a CDN. Between occasional ip bans, mod_evasive, rate limiting, user agent blocks, etc I've been self hosting on a single box without much problem until last week.

We went from hundreds of thousands of requests per day to 5 million per day. Traffic was web scraping bots based on the obscure URLs. The URLs were valid (mediawiki history links, etc) and not attempts to hack the site. Banning IPs did not help, the traffic would move to new subnets. Mostly IPv4, some IPv6. The user agent was popular Chrome agent strings so I'm guessing it was masked puppeteer.

It was a DDoS in practice but I get the feeling it's an immature web crawler.

I think people are likely building a new generation of crawlers to feed LLMs as fast as possible.

The caching aspect of Cloudflare helped a lot. Putting specific url patterns behind Cloudflares dynamic JavaScript challenge also helped. It was surprisingly easy to setup.

And I know what some of you will say, Cloudflare is bad. I've personally been annoyed with them for making specific sites more difficult to use while on VPN. But it's not a hard choice when it's either taking your site offline or using their free tier offering.

simfree2y ago

I feel your pain, recently had something similar happen that forced a website I run behind cloudflare, there isn't much you can do when you get millions of requests in a day from tens of thousands of US IPv4 addresses that are on the residential networks you see non-malicious traffic from.

One thing that got me was seeing some of the malicious traffic originate from the same /24 as I use at home. Whatever botnet was being used certainly has good penetration of residential ISPs in the US!

luis82y ago

My girlfriend bought some Chinese WiFi plugs from Amazon to use with Alexa. I wonder how many of these devices are doing this from time to time. Amazon has tons of generic devices that connect to your WiFi network

rf152y ago

Why would someone want this? It seems a bit of an odd target.

nurettin2y ago

Adobe and Autodesk might have a conflict of interest.

janosdebugs2y ago

Autodesk maybe, but Adobe? I don't see anything on their product portfolio like Blender. Substance Painter maybe? But when it comes to ease of use and feature completeness, texture painting in Blender is a very rudimentary tool.

At any rate, taking down the Blender website wouldn't help them I don't think.

riidom2y ago

Adobe was corporate-level sponsor for .. wild guess, around one year maybe?

norwalkbear2y ago

AI plugins, on twitter artists are frothing at the mouth in rage.

arp2422y ago

Maybe they got an answer at the forums they didn't like? Some political viewpoint expressed somewhere they didn't like? "For teh lulz"? Who knows. Cunts will do cunt things on account of being a cunt. Often things are complex, nuanced, multi-faceted, and hard to understand. Sometimes they're not and it's almost shockingly simple.

jlmendezbonini2y ago

The world is a big place and the c word is considered offensive even when not used directed at a women.

Worth refraining for using it.

https://en.m.wikipedia.org/wiki/Cunt

strangesmells062y ago

You might be being insensitive to Australian culture where its just a normal word for them.

Might be trying to force your cultural norms onto foreign countries.

1 more reply

arp2422y ago

> the c word is considered offensive

Yes, that is why I used it. Seems like an appropriate way to describe these people.

smegsicle2y ago

this is an international forum, please check yourself before lecturing others for having different cultural norms

1 more reply

pixxel2y ago

It’s an offence to derail the conversation here on HN. Please refrain from being sensitive.

lacoolj2y ago

Lol "site is experiencing a DDoS attack. Here is a link to the site for all of you to click on"

norwalkbear2y ago

This is because of the AI plugin isn't it. Between this and Krita, a lot of artists want to "fight" back any way they can.

arp2422y ago

What's the context on this? Because what shows up in a quick search is from March[1], so this seems rather ... late? I see no particular reason/timing why it should be about that.

[1]: https://www.theverge.com/2023/3/3/23623473/blender-stable-di...

norwalkbear2y ago

The Krita plugin + some AI animation of some anime pushed some artists communities over the edge. You probably won't see it on the public Internet but discord, twitter, art subreddits, etc

vGPU2y ago

I see a lot of anger about krita getting a stable diffusion plugin, a choice quote here:

> Oh yes let's encourage people to download an app made by artists, for artists, not learn how to draw, and instead use a program that steals from artists, while using an art app.

Presumably the same issue is going on with blender? The Reddit thread on the site being down is mostly comments on “lol autodesk/adobe/etc must hate how good blender 4.0 is”.

saled2y ago

I think you mean "artists". If they were really artists they wouldn't be afraid of AI.

tester4572y ago

No most real artists still enjoy having a job and the actual process of painting.

tinus_hn2y ago

Like singers against phonographs:

https://recordinghistory.org/the-history-of-sound-recording/...

Technology marches on and menial jobs get obsoleted. That’s just the way it is, even if you enjoy being a ropemaker, basket weaver, keypunch operator or, in this case, an illustrator.

ilkke2y ago

Maybe them real artists are angry you can nowadays tell the computer how shiny something is and where to put the light and it will do all the rendering for you?

vanous2y ago

Unfortunately, the documentation site is down. Is there a mirror of https://docs.blender.org/ anywhere?

agbrrw2y ago

They should consider using Cloudflare.

whatevaa2y ago

> After four days of fending off the attacks, the team decided to move the core of our website to a secure service that provides DDoS protection (such as CloudFlare). This means that www.blender.org is back!

They litterally did that :)

remram2y ago

The "service such as CloudFlare" is CloudFlare, I just hit their CAPTCHA thing, and after checking "I am a human" 3 separate times I got through.

readyplayernull2y ago

To solve infinite captchas or to try again later, that's the question.

matt_heimer2y ago

Cloudflare has recently done away with captchas. Now you briefly end up on a page that runs JavaScript before automatically continuing.

And that can be controlled by your site's security level. Highest settings will show the JS page to all vistors, medium only shows it to likely bots.

https://blog.cloudflare.com/end-cloudflare-captcha/

amusingimpala752y ago

And yet after disabling uBlock Origin and uMatrix entirely, it puts me in the endless loop of reloading the page again and again each time after clicking the verification button. I'm writing this from Safari just because it wouldn't work with my Firefox setup with the aforementioned plugins

2 more replies

incomingpain2y ago

What is blender's favourite song?

"Under Pressure" by Queen.

j / k navigate · click thread line to collapse

44 comments

matt_heimer2y ago

It was a DDoS in practice but I get the feeling it's an immature web crawler.

I think people are likely building a new generation of crawlers to feed LLMs as fast as possible.

The caching aspect of Cloudflare helped a lot. Putting specific url patterns behind Cloudflares dynamic JavaScript challenge also helped. It was surprisingly easy to setup.

simfree2y ago

luis82y ago

rf152y ago

Why would someone want this? It seems a bit of an odd target.

nurettin2y ago

Adobe and Autodesk might have a conflict of interest.

janosdebugs2y ago

At any rate, taking down the Blender website wouldn't help them I don't think.

riidom2y ago

Adobe was corporate-level sponsor for .. wild guess, around one year maybe?

norwalkbear2y ago

AI plugins, on twitter artists are frothing at the mouth in rage.

arp2422y ago

jlmendezbonini2y ago

The world is a big place and the c word is considered offensive even when not used directed at a women.

Worth refraining for using it.

https://en.m.wikipedia.org/wiki/Cunt

strangesmells062y ago

You might be being insensitive to Australian culture where its just a normal word for them.

Might be trying to force your cultural norms onto foreign countries.

1 more reply

arp2422y ago

> the c word is considered offensive

Yes, that is why I used it. Seems like an appropriate way to describe these people.

smegsicle2y ago

this is an international forum, please check yourself before lecturing others for having different cultural norms

1 more reply

pixxel2y ago

It’s an offence to derail the conversation here on HN. Please refrain from being sensitive.

lacoolj2y ago

Lol "site is experiencing a DDoS attack. Here is a link to the site for all of you to click on"

norwalkbear2y ago

This is because of the AI plugin isn't it. Between this and Krita, a lot of artists want to "fight" back any way they can.

arp2422y ago

What's the context on this? Because what shows up in a quick search is from March[1], so this seems rather ... late? I see no particular reason/timing why it should be about that.

[1]: https://www.theverge.com/2023/3/3/23623473/blender-stable-di...

norwalkbear2y ago

The Krita plugin + some AI animation of some anime pushed some artists communities over the edge. You probably won't see it on the public Internet but discord, twitter, art subreddits, etc

vGPU2y ago

I see a lot of anger about krita getting a stable diffusion plugin, a choice quote here:

> Oh yes let's encourage people to download an app made by artists, for artists, not learn how to draw, and instead use a program that steals from artists, while using an art app.

Presumably the same issue is going on with blender? The Reddit thread on the site being down is mostly comments on “lol autodesk/adobe/etc must hate how good blender 4.0 is”.

saled2y ago

I think you mean "artists". If they were really artists they wouldn't be afraid of AI.

tester4572y ago

No most real artists still enjoy having a job and the actual process of painting.

tinus_hn2y ago

Like singers against phonographs:

https://recordinghistory.org/the-history-of-sound-recording/...

Technology marches on and menial jobs get obsoleted. That’s just the way it is, even if you enjoy being a ropemaker, basket weaver, keypunch operator or, in this case, an illustrator.

ilkke2y ago

Maybe them real artists are angry you can nowadays tell the computer how shiny something is and where to put the light and it will do all the rendering for you?

vanous2y ago

Unfortunately, the documentation site is down. Is there a mirror of https://docs.blender.org/ anywhere?

agbrrw2y ago

They should consider using Cloudflare.

whatevaa2y ago

They litterally did that :)

remram2y ago

The "service such as CloudFlare" is CloudFlare, I just hit their CAPTCHA thing, and after checking "I am a human" 3 separate times I got through.

readyplayernull2y ago

To solve infinite captchas or to try again later, that's the question.

matt_heimer2y ago

Cloudflare has recently done away with captchas. Now you briefly end up on a page that runs JavaScript before automatically continuing.

And that can be controlled by your site's security level. Highest settings will show the JS page to all vistors, medium only shows it to likely bots.

https://blog.cloudflare.com/end-cloudflare-captcha/

amusingimpala752y ago

2 more replies

incomingpain2y ago

What is blender's favourite song?

"Under Pressure" by Queen.

j / k navigate · click thread line to collapse