On Friday afternoon, October 25th, ReadMe was targeted by two overlapping Denial-of-Service attacks, first intermittently and then persistently. We believe one to be malicious, the other accidental. We are in the final stages of implementing our pre-existing plans to move CDN Delivery and SSL Certs to CloudFlare, which will ensure that an outage of this magnitude does not occur again.
All ReadMe projects, including ours (docs.readme.com)
The first attack lasted from 9am to 6pm PST. The second lasted from 1pm to 7:30pm PST.
A few months ago we started the process of migrating to CloudFlare for CDN delivery and SSL Certification duties. This will enable us to handle these influxes of traffic and attacks, and allow us to set traffic-blocking rules that do not require a production deployment of our infrastructure. Once the final steps of this migration are complete, we will not experience this level of service disruption again.
Attack #1 Details (Malicious)
We put our docs behind a CDN and added 2 firewall rules:
These rules together blocked over 2m requests in a couple of hours.
Attack #2 Details (Accidental)
We performed the following steps to mitigate this:
We blocked the hub and communicated with the customer.