ClaudeBot server attack.

Latest Atari related news.
User avatar
exxos
Site Admin
Site Admin
Posts: 24061
Joined: Wed Aug 16, 2017 11:19 pm
Location: UK
Contact:

Re: ClaudeBot server attack.

Post by exxos »

I have removed the ClaudeBot block from nginx, just for testing my new measures really..

I am not really sure if the bot is still trying to access the server. This is more of a test for my rate limits and other measures more than anything.

Of course if the server starts running slow I will enable the block again. But the server should allow "some abuse" before it starts banning IPs automatically now. I'm more interested in testing it all out more than anything at this point.
https://www.exxosforum.co.uk/atari/ All my hardware guides - mods - games - STOS
https://www.exxosforum.co.uk/atari/store2/ - All my hardware mods for sale - Please help support by making a purchase.
viewtopic.php?f=17&t=1585 Have you done the Mandatory Fixes ?
Just because a lot of people agree on something, doesn't make it a fact. ~exxos ~
People should find solutions to problems, not find problems with solutions.
spinecki
Posts: 1
Joined: Tue May 14, 2024 9:41 pm

Re: ClaudeBot server attack.

Post by spinecki »

exxos wrote: Sat Apr 27, 2024 8:14 pm
sandord wrote: Sat Apr 27, 2024 5:37 pm Have you considered using CloudFlare to guard against these kinds of attacks?
I did look at ddos protection but it's another £5:a month. cloudflare I think we're also blocking my server like Microsoft are.

I'm sill thinking about it all.
Hi, i got to your forums looking for information on claudebot... anyway I also am owner of several phpBB (go phpBB!) forums. I had an ultraheavy traffic problem at the end of April as well. I went for cloudflare, a free plan of course. There is a very easy way to configure it, so that only good bots go through (+they optimize traffic/bandwidth on the fly). Anyway, I am happy with it, it does its job (although I had to learn how to configure it, because at first I got like -90% of my revenue from adsense, because of bad configuration ;) - few lessons learned, so it means I can help!).

Screenshot Capture - 2024-05-14 - 23-10-30.png
Screenshot Capture - 2024-05-14 - 23-10-30.png (57.93 KiB) Viewed 197 times
User avatar
HigashiJun
Posts: 1272
Joined: Fri Jun 19, 2020 7:21 am
Location: Tokyo

Re: ClaudeBot server attack.

Post by HigashiJun »

I have no access to the forum since Monday 13th, just a black page on Firefox saying the site is not available... :(

Access from my workplace works normally.

Is this related to the Claudebot ?
User avatar
exxos
Site Admin
Site Admin
Posts: 24061
Joined: Wed Aug 16, 2017 11:19 pm
Location: UK
Contact:

Re: ClaudeBot server attack.

Post by exxos »

HigashiJun wrote: Wed May 15, 2024 7:15 am I have no access to the forum since Monday 13th, just a black page on Firefox saying the site is not available... :(

Access from my workplace works normally.

Is this related to the Claudebot ?
Your IP likely got banned due to rate limits. I'd need your IP to check.
https://www.exxosforum.co.uk/atari/ All my hardware guides - mods - games - STOS
https://www.exxosforum.co.uk/atari/store2/ - All my hardware mods for sale - Please help support by making a purchase.
viewtopic.php?f=17&t=1585 Have you done the Mandatory Fixes ?
Just because a lot of people agree on something, doesn't make it a fact. ~exxos ~
People should find solutions to problems, not find problems with solutions.
User avatar
exxos
Site Admin
Site Admin
Posts: 24061
Joined: Wed Aug 16, 2017 11:19 pm
Location: UK
Contact:

Re: ClaudeBot server attack.

Post by exxos »

spinecki wrote: Tue May 14, 2024 9:53 pm Hi, i got to your forums looking for information on claudebot... anyway I also am owner of several phpBB (go phpBB!) forums. I had an ultraheavy traffic problem at the end of April as well. I went for cloudflare, a free plan of course. There is a very easy way to configure it, so that only good bots go through (+they optimize traffic/bandwidth on the fly).
Thanks . Though I've had no end of problems with cloud flare blocking legitimate traffic. It may be users config issues, but I'd rather avoid using it. I've wrote lots about it all already.

The ddos type "attacks" should be handled by nginx now. Basically all is welcome as long as the server is not abused with 900+ IPs opening up 20+ connections per second like that bot did. Such traffic gets a 30 day ban now. So I should be able to forget about the whole thing now.
https://www.exxosforum.co.uk/atari/ All my hardware guides - mods - games - STOS
https://www.exxosforum.co.uk/atari/store2/ - All my hardware mods for sale - Please help support by making a purchase.
viewtopic.php?f=17&t=1585 Have you done the Mandatory Fixes ?
Just because a lot of people agree on something, doesn't make it a fact. ~exxos ~
People should find solutions to problems, not find problems with solutions.
User avatar
HigashiJun
Posts: 1272
Joined: Fri Jun 19, 2020 7:21 am
Location: Tokyo

Re: ClaudeBot server attack.

Post by HigashiJun »

exxos wrote: Wed May 15, 2024 7:17 am Your IP likely got banned due to rate limits. I'd need your IP to check.
Ok, I will send it tomorrow as I am still at work now...

Thanks.
User avatar
exxos
Site Admin
Site Admin
Posts: 24061
Joined: Wed Aug 16, 2017 11:19 pm
Location: UK
Contact:

Re: ClaudeBot server attack.

Post by exxos »

It looks like it was a rate limit ban. That would need over 600 connection requests at once. I think possibly if trying to load forum and the store at the same time could have tipped it over the edge :( I have upped the limits a fair bit again. I also changed the ban time to 2 days.

I think possibly what could be a possible trigger is if "Harry the hamster" is showing during the store load is not immediately appearing as expected. This is probably down to the rate limits kicking in and causing images in the store to load slowly. In which case Harry could be displaying for 20-30 before the store actually appears. Closing the store and trying to reload it again will not solve that problem and likely lead to a ban because of a extra 200+ connection requests. But really, this "trigger" should never really happen anyway.

But if anyone does see the something off, people will have to tell me. Try and remember exactly what you was doing at the time.
https://www.exxosforum.co.uk/atari/ All my hardware guides - mods - games - STOS
https://www.exxosforum.co.uk/atari/store2/ - All my hardware mods for sale - Please help support by making a purchase.
viewtopic.php?f=17&t=1585 Have you done the Mandatory Fixes ?
Just because a lot of people agree on something, doesn't make it a fact. ~exxos ~
People should find solutions to problems, not find problems with solutions.
User avatar
HigashiJun
Posts: 1272
Joined: Fri Jun 19, 2020 7:21 am
Location: Tokyo

Re: ClaudeBot server attack.

Post by HigashiJun »

It seems I'm banned again...

:cry:

Same situation as previously: I wanted to check the store and Harry the Hamster was spinning its wheel indefinitely. I then closed the window and my browser, but when I tried to access the exxos forum again, I was greeted by a black screen...

The only difference this time is that I couldn't access the store at all, while last time I was already in.

Strange that this issue doesn't happen from my work place.
User avatar
exxos
Site Admin
Site Admin
Posts: 24061
Joined: Wed Aug 16, 2017 11:19 pm
Location: UK
Contact:

Re: ClaudeBot server attack.

Post by exxos »

I'll take a look at the logs in the morning..
https://www.exxosforum.co.uk/atari/ All my hardware guides - mods - games - STOS
https://www.exxosforum.co.uk/atari/store2/ - All my hardware mods for sale - Please help support by making a purchase.
viewtopic.php?f=17&t=1585 Have you done the Mandatory Fixes ?
Just because a lot of people agree on something, doesn't make it a fact. ~exxos ~
People should find solutions to problems, not find problems with solutions.
User avatar
HigashiJun
Posts: 1272
Joined: Fri Jun 19, 2020 7:21 am
Location: Tokyo

Re: ClaudeBot server attack.

Post by HigashiJun »

Thanks !
Post Reply

Return to “NEWS & ANNOUNCEMENTS”