Back (again!?)

What the Hell has been going on?

As many of the site's users have undoubtedly noticed (pretty difficult not to, frankly) ... the X-Plane Gateway Map has been under constant DDoS-attack for about three months at the time of writing. Because of this, the site has been - at most - performing miserably and - at worst - been offline altogether.

We've had our fair share of DDoS attacks before and - believed we had (at least for the most part) gotten rid of them. This latest attack against the site was interestingly (from a purely technical point of view) different. The attack was very "distributed" (making it impossible to just block source IP-ranges) and - the attack literally looked like normal traffic ... making it extremely difficult to distinguish the attack from any of the "normal" traffic we get.


To be honest ... I personally have absolutely no idea. As I've mentioned regarding the earlier DDoS attacks - there should be no plausible reason to attack the X-Plane Gateway Map; the site is ...

...etc. - and we do not even collaborate with the X-Plane Gateway with any user data they might have collected.

So - are we done with the DDoS?

Frankly - I am afraid not. As far as I'm able to fathom, the X-Plane Gateway Map is currently either blocking or expediently handling most of the attack queries targeted against our servers.

Unfortunately - I am afraid that the ongoing DDoS will continue as long as the entity behind the attack deems it worth their effort. At the moment - the site appears to be functioning ... relatively at least ... the way it was planned to.

Addendum 2023-08-14

The DDoS-attacks seems to be continuing - as before. But we are getting better at detecting the attack vectors used by the DDoSsers.

Addendum 2024-01-21

For a short while, the attacks appeared to have diminished - only to raise their ugly head again and making things more inconvenient for everyone. We have recognized a few new ways the attackers are using to make things slow to a crawl and have implemented countermeasures for these.

Hopefully this is the last time we need to address this issue.

Addendum 2024-06-09

The DDoS-attacks against our site have been continuing rather constantly during the last year. We've blocked many types of attacks, but still the aggressive actors keep finding new ways to make the site's performance drop like there's no end.

Most recent issues we've encountered caused our rendering engine (the system that draws the found markers for airports on the map) to get overwhelmed and subsequently drop our backend database to unreachable state. This has been the reason that users have been able to see the map, but unable to find any airports on the map because nothing gets rendered.

And now - henceforth?

Well... the thing is... I personally have in the past been very strongly opinionated against blocking larger IP-ranges, because not all users should be punished for actions of a few bad apples in the bunch. But now, I have frankly had enough.

I've configured our automated blocking system to use a way more aggressive hair trigger when unwanted traffic gets recognized. This will inevitably lead to some false positive timeouts being awarded to troublesome IP-ranges ... but if that is the price to pay to keep the site running comparatively smoothly for the majority of our users ... I'm willing to pay it.

Older stories...
XP12 Sceneries ALIVE
Missing Airports?
About XP12…
GDPR vs. Statistics?
Restoring Normality
Service Outages
August Issues
Missing Airport Markers?
Outage @ AUG 12th-15th

Gateway Map | Gateway Search