DDoS attack
Incident Report for NamePros
Resolved
At 19:55 EDT, a layer 7 DDoS attack targeted NamePros. The botnet attacking us consisted primarily of compromised IoT devices, such as webcams. Typically, these attacks do not have a significant impact; however, due to a misconfiguration in Nginx, each request took 50ms (0.05sec) longer to process than it should've, so the requests exhausted the PHP-FPM worker thread pools. At 19:59 EDT, we enabled Cloudflare's "I'm Under Attack!" mitigation mode, which blocked the attack. The servers immediately recovered. At 20:19, a patch was tested and deployed, and Cloudflare's mitigation settings were returned to normal.
Posted 3 months ago. Aug 26, 2018 - 19:55 UTC