Hey all, i think we've finally got to the root of the server outages here. From the hosting provider: We will be migrating to a new physical node. There may be a short outage as we do this, but hopefully we'll be stable form here on out.
"This behaviour is caused by instability" Holy shit! Either an Englishman or Canadian wrote this response.
Yes, one from Pakistan or India most likely lol. I wonder if our servers are based near some country the US has been bombing and thats causing the unstable behaviour lol
Yeah. "Large Scale Strikes" agaisnt dsp servers and an attempt to capture myself and my wife were repelled this morning. The spice must flow
I have a hostgator account fully paid off for all of 2026 at their mid tier of about 400 dollars a year. Its overkill for our small forum and i only paid for it because it triggered an automatic payment that i forgot to cancel and im stuck for the whole year again. Dont you hate when that happens? But i kept expecting you to hand over the keys back to me at some point. I am forgetful though. That may explain somewhat somethings.
We are migrated to the new physical node and server load averages looking way lower, and the site seems faster. Looks like we are good to go.
Im working on it! There is only so much I can do in a week. I already got the mana system down to the 7 colors of the rainbow. Tying it to the most renowned native spice species of each continent. As well as other relevant things that also come in sevens. I mean, i got what you said about playing Magic. Why play it amirite? Its base 10 like everything else is. Besides pagan magic people believe in giant gods with 6 fingers on each hand. That sounds like some AI shit to me. Then again in the before times the times were counted in base 12. Hmmm... At some point the past starts to sound like AI slop copies of one single source. February only has 28 days. And on the 14th the little che'rub tries his best. I feel an affinity with the type even though i dont have 14 fingers looking back at me. I can still virtually digitize it by extension. Now back to getting blood outta stone.
Server is back up. This morning's outage was caused by a brute-force SSH attack that overwhelmed the server's ability to log and resulted in a server crash. We have changed the threshold to block these attacks without logging and shouldn't be vulnerable to a similar attack again.
so weird that anyone would want to attack an innocuous site like DSP any way to know where it came from? or what someone might stand to gain from doing so? i know things don't always make sense or fit into a neat box just strikes me as strange and thanks for the reboot!
Grok was pretty helpful Primary Motivations (Profit-Driven – 90%+ of Cases)These are business-like operations for cybercriminals: Use your server as infrastructure for attacks / crime Once inside via SSH (especially if they get root or high privileges), they can: Run crypto miners (steal CPU/GPU power for Bitcoin/Monero mining) Host phishing pages, malware downloads, or command-and-control servers Launch spam bots or brute-force attacks against other targets Send massive spam emails (your domain/server gets blacklisted, not theirs) Store stolen data temporarily or use it in botnets Small sites on shared/VPS hosting are perfect because they're cheap to compromise, often poorly monitored, and provide "clean" IP reputation initially. Credential harvesting & pivoting They grab stored SSH keys, passwords, database creds, or API tokens from your server. These get resold on dark web markets or used to hop to bigger/more valuable targets (e.g., if your small site is linked to a client's larger network). SEO spam / blackhat marketing Inject hidden links or doorway pages to boost their own scam/pharma/gambling sites in search rankings. Your tiny blog becomes a backlink farm. Ransomware or data extortion (less common on tiny sites, but happens) Encrypt files and demand payment, or threaten to leak whatever data they find (even if it's just boring personal stuff). Attackers don't care about your site's content, traffic, or who you are—they scan the entire internet for open SSH ports (port 22 is constantly probed), try common usernames ("root", "admin", "user") + weak/dictionary passwords, or exploit known vulns. It's fully automated botnets doing millions of attempts per day across millions of IPs.
Yeah, likely not targeted per se. Just a attempting to get access anywhere. AI tools have made it much easier to basically scan everything and map attack surfaces. Any vulnerability is instantly exploited. It's become a real challenge in the last year or two.
I swear it wasnt me. But if it was me let me write a detailed post explaining how i would do it if it was me. In the meantime im gonna go track down the real hacker terrorists!
lmao nobody trying to hack DSP (other than me) craig probably spazzed out and pushed the wrong button or something
those scripts have always been easy to find for anyone with the intent of course all of the security modern websites have is pointless with all the points of weakness they have to have so people can do the things they want to do this type of site should not have any problem being airtight
