If you’ve been experiencing issues with BGG loading there’s a nefarious reason.
For those unfamiliar with DDoS attacks: the goal is to overload a service with requests until it can’t handle them and crashes. This prevents the server from sharing data with legitimate users. A handy video that goes into a bit more depth (we are not endorsing Radware – it’s just the most concise video I could find):
Scott Alden, one of the site’s co-reactors, shared an account of the attack on the site’s forums earlier this week. What they initially thought was a positive uptick in traffic last week turned out to be something quite different.
Wednesday started with BGG being completely non-responsive. We didn’t know it at the time, but the changes we made on Tuesday enabled the botnet to wreak greater havoc on our systems. Unfortunately, prior engagements I had scheduled prevented me from being able to further diagnose the problem during the day. That night we tried disabling various systems that we suspected were causing the problems, but this offered no relief because the problem was coming from outside. Wednesday ended up being a loss of BGG services for almost the entire day.
I woke up Thursday extremely groggy from sleep deprivation due to the previous few late nights of trying to solve the BGG issues. Dan and I tried some new strategies, but nothing helped so Thursday afternoon we solicited Twitter for advice from the community. Anna Filina responded and got straight to helping us systematically go through our entire system stack and asking questions we hadn’t considered. She really knew her stuff! With Anna’s help, by the end of Thursday we had identified some key data that lead us to uncover what we now know – that BGG has been the target of a sustained DDoS attack from a substantial botnet. Following the discovery of the true source of our problems the rest of the pieces started falling into place and we were able to devise a way to mitigate enough of the damage that was being caused to get the site close to normal operations.
Last week the BGG server was being hit with over 2k request a minute from 200,000+ different IPs, which blocked actual BGG readers from access the site. As of publication the attack has been mitigated. The admins have contacted appropriate law enforcement agencies, and are actively working to safeguard the site from further attack. No one knows why BGG is being specifically targeted.
Large sites are always at risk of being targets, and attacks on non-financial community sites – like BGG and Lexicanum – show that no one is immune.
BGG is a valuable resource for the gaming community that in no way deserves to be attacked like this. I hope their tech team is able to harden their server quickly and effectively; and that they aren’t targeted again.