I've been DDoS'ed!

Website URL

(Hidden) Account: if0_37772173

Error Message

(Redirect to suspended website link)

Other Information

My account received a DDoS Hits attack! The Hits counter was SO high, on my mobile phone the red and green lines blend together! From the making of this post, this was about an hour ago, not noticed until I was doing my casual login into JriMail (which uses part of this account.)

I know the code I was using wasn’t causing this issue. In fact, when I was working on code, I was in a different account.

I know there is nothing that can be done right now. I would just have to wait ~25 hours for these sites to come back online. The fact that the spike is so high has placed me in a emergency lock down situation.

I don’t know if I am allowed to show my Hits graph, please edit if I am not, but here it is:

hits-sus370×200 5.69 KB

(Guessing every notch on the side is 50000, spike tops at 450000)

I am deciding if I should work on emergency plan-b resolutions or if I should suspend my accounts for a while, but I don’t want to lose my ability to host my sites with your services. I am posting this with the knowledge that nothing can be done to resolve this, posting this as a timestamp of what happened if there is an investigation or something.

I hope this doesn’t affect me later!

EDIT: I suspended my one account, then idled the last account. I am planning on suspending that one too, but I am idling the last one since it is the JriMail service many people use.

EDIT: Last account is now suspended. I have chosen to keep all of my accounts suspended for 48 hours. This is for my accounts’ safety.

If hits > 800k in one month, you may be permanently suspended

If that is the case, and this attack happens again after these sites are restored, then I am so f***ing screwed. That would mean I can’t host with this service, which means…

… I can’t use free hosting. Which is very difficult for me.

I too had this issue and had to get a domain name to enable cloudflare ddos protection which at one point showed I think it was 1.5 million hits in 1 hour

Its a shame that cloudflare doesn’t allow IF’s free subdomains to be used with their service

Reading up on articles here, I am not alone. It seems like other people are being attacked/DDoSed too. I just hope and pray that this issue doesn’t happen again.

How could the number get so high before shutdown? I thought the cap was strictly set, to where it seriously couldn’t be exceeded.

My mind thinks that this is involving iFastNet, but they wouldn’t do this…
…right?

You won’t be the first one to think about this

There might be delays between the hits actually happening, for the hits to be counted, and the limits to be enacted. If you have a very high hits usage (millions per hour as some have seen), it might be that the suspension system is just acting too slow.

If I restore services [Unsuspend account], only have it open for a set period of time, then shut-down services [Re-suspend account], would that work out for me while I’m in Emergency mode?

After x number of suspensions your account is permanently removed. Also, then you’ll get issues with DNS propagation and caching. Best thing to do is buy a domain and use Cloudflare. Under attack mode and Cloudflare access are both ways to help prevent DDoS.

Overnight, around 12:00, the account was DDoSed again.

This time, the spike is worse! I can’t see a gap on my laptop!

hits-sus.php370×200 6.35 KB

Suspended for Hits, but by the time is online again, I won’t be awake to close it again.

I may not be able to continue hosting with your services, since there is no DDoS protection or strict hits counters. Paying for a domain is the equivalent to buying hosting services, and eu.org is taking forever to approve my request. (I hope the owner there is okay)

There isn’t a point to log and ban IPs, since banned IPs are still able to generate hits (which is really dumb!)

Tell me about it. You can always use PP.UA instead? I don’t know if that works with cloudflair, since I still need to set it up. Getting the domain is pretty quick

It should work, considering that it’s in the Public Suffix List the same way as EU.org is.

Brill, I need to get round to setting up cloudflair on mine.

I lost my account.

iFastNet won’t restore it.

iFastNet made backups, but won’t remove the domains.

iFastNet says the domains are forever lost to the account.

I’m forever screwed.

Oh no that’s really rubbish.

So sorry to hear that this has happened

Please understand that if your website is overloading the servers, then we do not want to host that website again. That means the old account will not be reactivated, but we also won’t release the domains so you can restore the website on a new account, because that doesn’t help either.

If you are using custom domains, then you can just change the nameservers and host them elsewhere. With free subdomains, probably your only option is to migrate them to premium hosting.

iFastNet won’t even host these on premium hosting, they told me.

(Links no longer at rest, but are not available right now)

All because some bored kid probably found the setInterval() in the Javascript docs

I’ve just had the same 2.86k unique visitors in the last hour according to cloudflare… I’ve turned on “I’m under attack” mode, but it was too late to stop my account being temporarily suspended

I wish there was a way to identify and stop these attacks

I’ve had the I’m under attack mode turned on for 2 years now or possibly even longer, I forget

This attack on infinityfree has been going on too long

Can the ISP that provides internet for IF/IFN detect and filter connections ?