Good morning. Since a bit more than an hour ago, multiple people from our side begun working on restoring the availability of our services and will share further updates as they come.

Nothing that's impossible, it's all just a bit of a bother.

@LangerJan @codebergstatus

"May your arse forever itch and your arms be too short to reach."

@apnoe_soeren

DDoS attacks usually cannot be fought back on a per-user basis. These attacks typically floods the network with too much traffic, regardless of the target accounts.

What typically happens ... several thousand IP addresses tries to access a service on a server (say, https - TCP port 443) which opens up a response port on the server (the theoretical maximum is 65536 ports). The attackers continues to flood the network with such connection attempts, exhausting the response ports and keeping them busy. Which then results in the server not being able to receive any new connections, for example for https traffic. If the ssh port (TCP port 22) is not attacked, that may be accessible - until that port also gets attacked in similar ways.

Another approach is to do something similar, where the attacker trigger larger downloads - exhausting the available bandwidth to the server. Which again makes everything stop. And then keeping the server busy from thousands of different IP addresses.

Or a combination of these. The port exhaustion approach can also take a considerable large chunk of the available bandwidth, if there are enough IP addresses attacking.

The way to fight back DDoS attacks is usually to block the IP addresses flooding the server. Sometimes you can be lucky and it's enough to block IP address ranges for a certain country or a certain ISP. Other times you're not that lucky, as the attack comes from many ISPs and many countries. Or when you block one region, another region surfaces - in a true "whack a mole" game.

@codebergstatus