Yesterday morning we had a massive denial of service attack on our website. Luckily, we survived it without any damage.
We had observed with our monitoring tool 207926 GET, POST and password guessing requests in five hours. Their origin were from the IP address 18.104.22.168 - a server hosted in France at OVH. Our web and the database server climbed up to 100% CPU load. The web sites at fairkom (link is external), a cooperative based in the alps which is hosting and supporting fair-coin.org, responded a bit slower as usual.
We are not paranoid nor do we believe that some cryptotrader wanted to blame us to see the FairCoin price falling and having bet on it. More likely, we were a random target by some script kiddies, who had konquered a Windows server at OVH cloud provider. We wanted to send OVH today an abuse report on this incident, but their abuse form responded: System failure.
Well, what can we learn from this? Have good passwords, keep your Content Management System up-to-date and be careful when selecting your cloud provider.
The future may be in distributed hosting. In the FairCoop technical group we are watching closely developments such as the Dat Project (link is external), which is about peer-to-peer data delivery e.g. for web sites. The new Fair.Coop web site will run without CMS to be prepared for such kind of hosting scenarios, that fit well to the concepts of a distributed autonomous organisation (DAO).