2020 has arrived

We've entered a brand new decade again ... it feels like last time this happened was just ten years ago :)


On New Year's Day, there was a short service interruption because an ancient Certificate Authority being used for server's internal connections (yes ... we are a bit paranoid about security, and thus even the site's internal connections between various virtual servers are encrypted) expired in the middle of the day (oopsie! when setting up the CA in 1998 it definitely was not thought that it'd still be in use after 22 years) and connections between the web frontend server and both database and logging servers simply stopped working. Thankfully, this was easily remedied by regenerating both the CA cert and the various client certificates.

On an unrelated issue, I have received many reports that the site has been unaccessible to quite a wide number of users even after above mentioned incident, but the problems seem to have "come and gone". Debugging such a Heisenbug is pretty frustrating, because if/when it is impossible to deterministically repeat the problem, trying to fix the underlying issue is always more or less "a shot in the dark" - i.e. "it might be caused by this thing, but I'm not exactly sure".

My best guess is that we've had some more DDoS attacks (and I still can't fathom why someone would want to DDoS us; most of the websites on our servers are not-for-profit) which have caused our automated countermeasures to temporarily block larger and larger subnets where the attacks seem to be originating from causing collateral damage for "real" users' connection attempts. I am sorry for the drastic measures that have been taken, but DDoS seriously diminishes the site's usability for everyone, so it only takes a few bad apples on some service provider to cause a lot of problems for everyone using the same ISP. An extreme sample of this collateral damage occured on January 3rd when the automatic countermeasures literally needed to block all traffic originating from APNIC address blocks for nearly 24 hours because the attacks were coming from all around in those blocks. This literally meant that pretty much no-one from China, India, Australia, the whole of South-East Asia and many others were unable to connect to the server during that time.

Again, I would urge the "script kiddies" (as said, can't relly fathom who would want to DDoS our servers on purpose) to ... please stop. You're not doing anyone any favors by doing that.


As mentioned in previous bulletins, since the map moved from Google server-side rendering of markers etc., we've had a lot more control overseeing how people are using the gateway map.

For example, now we know more precisely what search parameters people are using, which markers they click in order to get more information about airport layouts, etc.

So... in last week alone (taking into account the service interruptions and the fact that not everyone has had access to the service for other reasons), the Top50 airports most "checked out" by users have been:

Other bulletins...