On the fearless competitors, hosting in Russia and mail on mail.ru
What is a celebrity indicator for you? Well, to wake up and understand that your startup has become popular?
Waking up from vague premonitions at the beginning of the first hour of the night, I realized that we were popular - our site kuponator.ru was under a hard DDOS attack.
On Habré, many references to “coupons and discounts” have already jumped (most people noticed a trend, expressing it with phrases like “yes, all fucking @ # # $ s on these coupons!”).
It is understandable, reading articles like At every corner of the deal and familiarizing yourself with the terms of the partner programs of the “kuponosytov”, you involuntarily begin to silently move your lips and bend your fingers, trying to figure out possible schemes.
')
It is not surprising that coupon aggregators grow as radioactive toadstools in the magical forest of the country, which Dunno affectionately described with the words “I don’t know another such country.”
And someone becomes very, very closely in this glade. So closely that competitors don’t disdain to step over the current criminal legislation and slander their own karma.
But the article is not about that. The game has begun, Black made the first move, he must make a return one.
Calls to the hoster were crowned with answers in the style of "experts will come in the morning and fix everything."
I phoned in the night all the companies engaged in newfangled protection against DDIS, which they found in the search results on the first two pages. All companies offered to wait until the morning. However, insomnia and the prospect of looking at the loss of live income did not please me, and I continued to call further and was rewarded for it - only one immediately got down to business without looking at my watch.
Rummaging until the morning and realizing that the attack was serious (as a matter of fact, the DDIS adapted to the defensive measures taken by the defender), began to call an old acquaintance, the techies, to the “K” Directorate. Those advised a standard set - collecting logs, writing statements through the website 112.ru and, thanks to connections, to take all possible measures.
Enlisting with future support and hearing that the application will get to the right specialists, he began to understand further.
Like any decent aggregator, we have a list of the most delicious offers. As usual, the most active audience in this segment of services uses mail to mail.ru
And, as usual, trouble does not come alone. “The largest postal service in Russia” on the same day, without explanation, banned all the letters mentioning kuponator.ru.
Having started to find out through the links in mail.ru itself, what is the reason, it turned out that the anti-spam department did not ban the newsletter and the domain is not worth any spam or stop-lists.
Support Mail.ru responded in monosyllables, referring to the anti-spam department. Vicious circle. Snake devouring its own tail.
The guys from the antispam suggested that the ban could have occurred through the fault of the anti-virus system, filtering the letters, about which the letter was immediately written to the “Greatest Mail Service” abuse team, where the letter was safely lost.
There was nothing left to urgently redo the newsletter so that it went from another domain.
In the end, the attack reflected, but questions remained.
ps By the way, we have no complaints about the hosting - the guys helped as best they could.
ps as you might guess, it was DDOS advertising, site 112.ru, mail on Mail.ru and server placement on the principle of Peter the Little Pig.
Waking up from vague premonitions at the beginning of the first hour of the night, I realized that we were popular - our site kuponator.ru was under a hard DDOS attack.
On Habré, many references to “coupons and discounts” have already jumped (most people noticed a trend, expressing it with phrases like “yes, all fucking @ # # $ s on these coupons!”).
It is understandable, reading articles like At every corner of the deal and familiarizing yourself with the terms of the partner programs of the “kuponosytov”, you involuntarily begin to silently move your lips and bend your fingers, trying to figure out possible schemes.
')
It is not surprising that coupon aggregators grow as radioactive toadstools in the magical forest of the country, which Dunno affectionately described with the words “I don’t know another such country.”
And someone becomes very, very closely in this glade. So closely that competitors don’t disdain to step over the current criminal legislation and slander their own karma.
Who is to blame and what to do
But the article is not about that. The game has begun, Black made the first move, he must make a return one.
Calls to the hoster were crowned with answers in the style of "experts will come in the morning and fix everything."
I phoned in the night all the companies engaged in newfangled protection against DDIS, which they found in the search results on the first two pages. All companies offered to wait until the morning. However, insomnia and the prospect of looking at the loss of live income did not please me, and I continued to call further and was rewarded for it - only one immediately got down to business without looking at my watch.
Rummaging until the morning and realizing that the attack was serious (as a matter of fact, the DDIS adapted to the defensive measures taken by the defender), began to call an old acquaintance, the techies, to the “K” Directorate. Those advised a standard set - collecting logs, writing statements through the website 112.ru and, thanks to connections, to take all possible measures.
Enlisting with future support and hearing that the application will get to the right specialists, he began to understand further.
Like any decent aggregator, we have a list of the most delicious offers. As usual, the most active audience in this segment of services uses mail to mail.ru
And, as usual, trouble does not come alone. “The largest postal service in Russia” on the same day, without explanation, banned all the letters mentioning kuponator.ru.
Having started to find out through the links in mail.ru itself, what is the reason, it turned out that the anti-spam department did not ban the newsletter and the domain is not worth any spam or stop-lists.
Support Mail.ru responded in monosyllables, referring to the anti-spam department. Vicious circle. Snake devouring its own tail.
The guys from the antispam suggested that the ban could have occurred through the fault of the anti-virus system, filtering the letters, about which the letter was immediately written to the “Greatest Mail Service” abuse team, where the letter was safely lost.
There was nothing left to urgently redo the newsletter so that it went from another domain.
Conclusions and questions
In the end, the attack reflected, but questions remained.
- What did the customer of DDoS rely on? The motives for the attacks are clear - at high speeds of sites that sell discount coupons, every day the aggregator is idle - the loss of profit.
- Mail.ru is a respected “largest postal service,” how is it that your right hand does not know what the left hand is doing? Do support have access to representatives of other departments? There is still no response from the abuse team.
- Representatives of DDOS attacks protection companies - is it always necessary to wait for the morning? There are businesses for which every idle hour is critical.
- Representatives of hosting companies, does the “anti-DDoS” service really work or is it a beautiful extortion of money? As the Hosting-Representative representative told us in a private conversation: “Guys, if you want a real-life anti-DDoS service, transfer the server to Europe or the USA.”
ps By the way, we have no complaints about the hosting - the guys helped as best they could.
ps as you might guess, it was DDOS advertising, site 112.ru, mail on Mail.ru and server placement on the principle of Peter the Little Pig.
Source: https://habr.com/ru/post/115266/
All Articles