Please refrain from posting animated GIFs, memes, joke videos and so on in discussions other than those in the off topic area.

Dismiss this message to confirm your acceptance of this additional forum term of use.
You must be 16 or over to participate in the Brickset Forum. Please read the announcements and rules before you join.

Brickset.com site issues

2456711

Comments

  • ljames28ljames28 Member Posts: 88
    edited February 2014
    Would that be Cloudflare by any chance? Ah, looking at that link it is. If the DDOS people already have the servers IP it can't help with that aspect of things, but it can prevent future attacks. You may want to rename the direct. Subdomain if you haven't already to stop attackers getting the IP. We find it very good for static content, speeds things up greatly.
  • legoprodslegoprods Member Posts: 420
    For me, the forum is also messed up. Isn't it hosted with different people than the main page?
  • RikTheVeggieRikTheVeggie CanadaMember Posts: 212
    ^^ tracert looks much cleaner, and I can actually trace all the way through to the host. After ipconfig /flush am unable to load brickset.com though (not even the holding page) - it eventually comes back with a 504 timeout.
  • HuwHuw Brickset Towers, Hampshire, UKAdministrator Posts: 5,717
    edited February 2014
    Good advice, thanks Lawrence, done.

    If I change host then the IP will change and I'll keep it secret this time :-)

    @legoprods, yes but the CSS comes from Brickset.com which may not be serving it at the moment. I guess I could disable the custom theme to get rid of the unstyled header although my browser still has the CSS cached so I see it properly.
  • legoprodslegoprods Member Posts: 420
    I thought so about the CSS, but I am also having problems in load times. It will take around a minute to load a discussion, but maybe it's just me.
  • Cam_n_StuCam_n_Stu UKMember Posts: 368
    edited February 2014
    I'm getting intermittent errors from Cloudflare London:

    "Website is offline. No cached version of this page is available. (504 Timeout)"
  • Cam_n_StuCam_n_Stu UKMember Posts: 368
    edited February 2014
    I'm getting intermittent errors from Cloudflare London:

    "Website is offline. No cached version of this page is available." (Error 524: A timeout occurred)

    I am guessing this will improve over the next few hours as Cloudflare's CDN manages to cache more and more content and that in turn will lighten the load on the origin Brickset server.

  • VenunderVenunder Nottingham, UK.Member Posts: 2,043
    I still cannot get to the Login from the home page of the new site.
    The old Brickset is still completely unreachable for me.
  • LegoboyLegoboy 100km furtherMember Posts: 8,031
    Venunder said:

    I still cannot get to the Login from the home page of the new site.
    The old Brickset is still completely unreachable for me.

    Try this. I had a bit of help too. :o)

    http://new.brickset.com/login
  • GoonyGoony Member Posts: 5
    @Cam_n_Stu, thanks. Things make a lot more sense now though I can't see why anyone would attack a Lego Fan website. Lots of nutters out there...
  • iuliandiuliand Member Posts: 15
    Ouch! new site is almost unusable for me now. I get a lot of 524 errors from cloudflare. It says that the host is offline... :(
  • HuwHuw Brickset Towers, Hampshire, UKAdministrator Posts: 5,717
    My DNS hasn't refreshed yet so I can't test. tracert from here still goes to the old one.
  • BooTheMightyHamsterBooTheMightyHamster Northern edge of London, just before the dragons...Member Posts: 923
    @Huw
    If you move to a better provider, presumably there will be cost implications for you, so I just want to clarify something.
    I buy a shedload of stuff from Amazon every year - does the referral link on the Brickset homepage only earn you money on Lego purchases, or is it anything?
    'Cos if so, I'll use the link everytime.
    legoprods
  • plasmodiumplasmodium UKMember Posts: 1,873
    @Cam_n_stu, you have the ability to translate computer speak into human! You could make millions!
  • alexwilalexwil UKMember Posts: 298

    @Huw
    If you move to a better provider, presumably there will be cost implications for you, so I just want to clarify something.
    I buy a shedload of stuff from Amazon every year - does the referral link on the Brickset homepage only earn you money on Lego purchases, or is it anything?
    'Cos if so, I'll use the link everytime.

    Excellent question! If it's everything count me in too! Don't get a lot of LEGO from amazon but get lots of other bits!
  • drdavewatforddrdavewatford Hertfordshire, UKAdministrator Posts: 5,950
    edited February 2014

    I buy a shedload of stuff from Amazon every year - does the referral link on the Brickset homepage only earn you money on Lego purchases, or is it anything?

    It's anything - not just LEGO.
  • richoricho Member Posts: 3,780
    ^ I didn't know that either! Buy quite a few blu-rays too, so will go through brickset now. Could do with a link for 'other items' or such like.
    Cam_n_Stu
  • HuwHuw Brickset Towers, Hampshire, UKAdministrator Posts: 5,717
    ^ Just follow any link to Amazon and buy anything when you get there. That's all that's needed.
    KingDavebluemodern
  • legomattlegomatt Member Posts: 2,526
    This is one of those rare occasions on which I wish I knew about computers. It's really frustrating when I can't do anything to help. :o(

    FWIW, I can't access either brickset.com or new.brickset.com at all.

    (Except to occasionally to see the 'brickset is down, try the new site' holding page).
  • rebrickablerebrickable Member Posts: 36
    I actually had a lot of performance and javascript issues when using Cloudflare for Rebrickable and had to disable it despite having their support team trying to figure it out. It works great for Bricksafe though, so I guess its highly dependent on... something :)
  • ljames28ljames28 Member Posts: 88
    Oh, you do need to check if their default settings break things, specifically auto minifying html/js/css
  • HuwHuw Brickset Towers, Hampshire, UKAdministrator Posts: 5,717
    edited February 2014
    OK--thanks for the advice. I haven't been able to test it properly yet, the site is still too slow from here to be able to do anything.

    I am however still seeing a lot of requests for css/jpgs etc. in the webserver logs which I thought it would cut down on.

    I'm also not seeing any traffic in the dashboard yet, but given I only enabled it 12 hrs ago presumably it takes time to display.


  • HuwHuw Brickset Towers, Hampshire, UKAdministrator Posts: 5,717
    edited February 2014
    Status update 3rd Feb 09:00

    -The main site, www.brickset.com is still offline (although as I type I've enabled it again to see the effect)

    -new.brickset.com seems to be sort of working but is very slow to initially load when I try, and I can't get beyond the home page, pages are simply not loading.

    - Cloudflare has been enabled and may or may not be working or helping, I can't tell yet!

    - It does seem like quite a few people are using the new site and I can see the database is being queried normally, and SQL Express seems to be holding up fairly well.

    - Another DoS was launched this morning from a similar IP to yesterday and may well be still underway. Steps have been taken to minimise its effect but it's probably still having an impact.

    Obviously I won't be officially launching the new site today, as originally planned :(

    I'll continue to work with ORI to resolve the issues (when they wake up) and also pursue hosting elsewhere as a backup plan.

    Please accept my sincere apologies for the inconvenience.

    If you are able to, please continue to support the site via these Amazon links during these difficult times:

    http://www.amazon.com/?tag=brickset-20
    http://www.amazon.co.uk/?tag=brickset-21

    Also, please let me know, what's the site like for you?

    Thank you!
  • Cam_n_StuCam_n_Stu UKMember Posts: 368
    @Huw Thanks for the update. I can feel your pain from here!

    I would have expected to see Cloudflare helping by now but it doesn't seem to be for me.

    As you have said already you have full backups of the site I would be talking to alternative hosting providers, explain the situation and ask about how quickly they could get you back up and running. I would expect most of the credible providers to be able to spin up an suitable environment in less than 24 hours and probably more like a few hours for some of them. My first thought was rackspace.com*, they are not cheap but you do get what you pay for in my experience.

    * I don't work for them, before anyone asks!
  • Cam_n_StuCam_n_Stu UKMember Posts: 368
    I'm just buying something via your Amazon link, not a big purchase but every little helps.

    You should consider setting up a PayPal donation page too. I would be happy to put a few quid in to help get Brickset.com back and keep it running and I am sure a number of others on here would as well!
    Daragh
  • Lego91Lego91 GermanyMember Posts: 86
    Both sites don't work for me. I get the error message in the old site and the new one manages to load but is unable to use because the other pages don't work like they should.

    Gosh, I did not know how addicted I really am to Brickset until it started working properly. I miss it so much! Still need to add new sets to my collection and it feels horrible not being able to do it.

    Thanks for everything you do Huw!
  • beegeedeebeegeedee Galway, IrelandMember Posts: 380
    @huw, is the SQL Express one of the newer flavours? I know they changed the concurrency and database limits in 2008 R2 which makes a huge difference to performance and they probably upped them again for 2012. To be fair, unless huge time-consuming queries are running across a huge number of users you probably don't need more than 10 active connections for 250+ users as long as the connections are pooled.

    I remember working on a system years ago with really heavy queries and never saw more than about 12 connections for 4-500+ users on any one server in the cluster with a single database server driving them.
  • flowerpotgirlflowerpotgirl ScotlandMember Posts: 147
    Yes I agree, I am missing the site so much -neither are working for me here. Hope you manage to get it sorted soon @Huw, this must be a nightmare for you.
  • cheshirecatcheshirecat Member Posts: 5,308
    new.brickset.com is working for me, but it is horribly slow.
  • legobigblokelegobigbloke UKMember Posts: 32
    New site working fine for me. Run search and hit pages I don't normally to see if all ok. Fingers crossed it stays up.
  • mressinmressin Lego City... erm LondonMember Posts: 843
    Well, my 2 cc:

    The old site (site-is-down message) shows up for me, the new site works occasionally. I didn't test in detail how well the new site works.

    I'm a little bit confused. Shouldn't DoS attacks shouldbe handled by the provider? They have plenty of options at their disposal to handle a DoS attack swiftly and effectively, especially if it's not DDoS. Is it just me, or do others also have the impression that the provider is leaving @Huw alone with this problem?
  • masterX244masterX244 GermanyMember Posts: 426
    damn... mainpage worked but after login: error 524 slaped into my face..
    may those ddos-ers emd in the M***B***-Hell
  • HuwHuw Brickset Towers, Hampshire, UKAdministrator Posts: 5,717
    edited February 2014
    @bgd, it's 2008 R2. The only difference between it and SQL Server, so I'm told, is the amount of RAM/CPUs and database size it supports.

    An advantage of Express over using a shared SQL server is that I can see activity and also use a profiler to see what queries are running and how long they take. It's been an eye opener, actually: the main search stored procedure was optimised for the new site and most queries take 1-1.5 seconds to execute, but a few lesser used ones, those operating on the collection table, with millions of records, look like they could use some index optimisation.

    There are currently 7 SQL sessions although of course the site is nowhere near running normally.

    I have to assume that it's a network issue currently because the CPU is averaging 40% and the database is chugging along nicely so the actual server is not being stressed.

    ORI have been helping sort the DoS but I think they've been plagued with a number of them over the last week or so, for whatever reason. As for the attacks on Brickset, a single German IP address again started requesting thousands of /browse/themes/ pages this morning. Yesterday there was 50,000 requests in an hour. Today I spotted it earlier and have blocked the entire subnet now.

    A question for you experts out there: if I'm using CloudFlare now, any protection it provides against DoS would be bypassed once the IP address of the server is known . How easy is it to find the IP address out? Should I worry?
  • paul_mertonpaul_merton UKMember Posts: 2,663
    Duq said:

    DoS attacks don't come from one IP, that sounds more like someone has written a bad scraper.

    A DoS attack can be effective from a single IP address if there is a suitable weakness to take advantage of (either in the server software or at the application level)... but I'd hope that a competent hosting company would be able to deal with that sort of thing!
    Cam_n_Stu
  • paul_mertonpaul_merton UKMember Posts: 2,663
    Huw said:

    A question for you experts out there: if I'm using CloudFlare now, any protection it provides against DoS would be bypassed once the IP address of the server is known . How easy is it to find the IP address out? Should I worry?

    There could be all sorts of tricks, but here's a list of ideas to mitigate it: http://blog.cloudflare.com/ddos-prevention-protecting-the-origin
  • YellowcastleYellowcastle Administrator Posts: 4,401
    How can one single person be this successful at shutting down a site? Even in coordinated attacks, it always seemed to me to be a shorter experience? Isn't this illegal in most countries? Whose responsibility is it to stop this, the site owner, the server manager, the attacking ISP company or the ISP jurisdiction authorities? In such an un-coordinated event, couldn't someone just shut out the locality and work backwards from there?
  • HuwHuw Brickset Towers, Hampshire, UKAdministrator Posts: 5,717
    @paul, thanks. The first comment to the article, blocking all incoming traffic except from cloudflare, would seem like a good approach, but would it still allow access to the site? When I view the web server logs now I see loads of different IPs still. Presumably they get passed through somehow?

  • wjoeyjoneswjoeyjones USMember Posts: 8
  • bellybutton290bellybutton290 Member Posts: 453

    Isn't this illegal in most countries?

    There's potensial prison time in the US and UK and alot of others.
  • beegeedeebeegeedee Galway, IrelandMember Posts: 380
    edited February 2014
    @huw just did some digging. I remembered (incorrectly as it turns out) that SQL Express had limits on the number of concurrent users but that appears to be for MSDE. The only limit is the 10GB database and 1GB Ram that you can use so this should definitely be more powerful than any shared hosting assuming the server has plenty of memory. I generally use SQL Developer for the work I do which I've never really noticed any difference with to be honest.

    Seems to be fast enough anyway - the main page anyway.
  • legomattlegomatt Member Posts: 2,526
    edited February 2014
    Nothing to apologise for @Huw

    I know it's your livelihood now, which makes everything all the more pressing for you, but don't put yourself under any pressure on our account. Take a rest if you need it, and know that you have our total support.
    Cam_n_Stu
  • HuwHuw Brickset Towers, Hampshire, UKAdministrator Posts: 5,717
    edited February 2014
    It's all very strange. If I connect to the server via RDP and browse old and new on the server it runs perfectly: the server is not overloaded at all. The processes to import data are all running successfully. I'm certain it's a network related issue.

    The main www.brickset.com is up now, although I can't connect to it still from here. The SQL server is chugging away nicely and there are about 20 sessions open. 116 people are using the main site and 160 the new so it must be working for someone!

    I've asked ORI for and update/plan by the end of today and if it's not to my satisfaction I will be hosting elsewhere: I have a provider and quote lined up, I just need to give them the go-ahead. It will be a hefty dedicated server with SQL2008 web edition on the same box as the front end.

    If that occurs I should have it up and running on that platform tomorrow or Wednesday, particularly as the DNS won't need changing from CloudFlare, just the server IP address setting there.

    Thank you all for your kind words and support.
    Cam_n_Stubeegeedee
  • legomattlegomatt Member Posts: 2,526
    edited February 2014
    I'm not a techy person (as we all know), but is it remotely possible that the new hosting people can't actually handle any traffic/are much smaller then they make out? Or have restricted your bandwidth-type-stuff in favour of other sites they host and are just fobbing you off with near-zero service, with the attitude that 'it's a little lego-fan site, what capacity do they need'?

    It's probably nothing like that at all, but it crossed my mind.

    (Apologies in advance for my being stupid).
  • PaperballparkPaperballpark UKMember Posts: 2,438
    @Huw both sites seem to be working for me now, although not perfectly - the 'browse' section isn't working on either, and the old site drop-down menu seems to be transparent, which is odd. Also, the 'My Sets' overview page isn't loading, although both my wanted and owned list load fine.

    You're doing a great job Huw, and everyone on here is 100% behind you!
    flowerpotgirl
  • iuliandiuliand Member Posts: 15
    In the last few days I started to use again an old laptop. Because I did not renew the license it runs an older Avira i.s. 2012 last updated on 13/6/2013. Only on brickset site (new and old), on every page load, with three different browsers, I get from Avira the following warning: Object "http://ct1.addthis.com/static/r07/sh148.html" Detection "HTML/ExpKit.Gen3".
    I was certain that it is a false positive or something else because on another computer with updated Avira I get no warning.
    Seeing today that brickset is still having troubles I decided to tell you this just in case it may have some relevance to the case.
  • CapnRex101CapnRex101 United KingdomAdministrator Posts: 2,120
    Both sights are now up for me, although each one is slow.

    A huge thanks @Huw for all of your hard work over the last few days. Hopefully we will all be able to say very soon that we lived through the great Brickset crash of 2014 :o)
    StuBoy
  • legomattlegomatt Member Posts: 2,526
    2014... *shudder* I don't know anyone who's having a good one.
  • rebrickablerebrickable Member Posts: 36
    If you haven't already, reduce the TTL of your DNS entries now. Makes switching hosts take effect much faster.
  • BooTheMightyHamsterBooTheMightyHamster Northern edge of London, just before the dragons...Member Posts: 923
    I can get to the home page of old & new sites, but struggling to do much else. Searching the database results in a page-loading hang. Forum seems to be ok though.

    It's a pain, but it won't be forever.

    All the best, @Huw !
    We aren't going anywhere!
  • KangojackKangojack Member Posts: 38
    Australia. Just receiving CloudFlare timeout Host errors (error 504). From both the old and new sites.
Sign In or Register to comment.
Recent discussions Categories Privacy Policy