Hopefully this crap is contributing to Lemmy overall being stronger. If the developers can plug the holes in the overall architecture so systemic vulnerabilities are minimal, and people make accounts on multiple instances and just switch when one is down, it might take the “fun” out of taking an instance down.
DDOS is a pretty brute-force attack, so it isn’t typically relying on a vulnerability per se. Pretty much the only way to mitigate it is to have large enough infrastructure that you can detect and filter out its gobs of spammy traffic, which no Lemmy instances (at least at the moment) can really practically have. They could potentially use a service like CloudFlare, which does have that infrastructure in place, but that can be expensive. I’d imagine CloudFlare (or a competitor) is probably the best solution they can go with, at least in the short-term.
Yeah, for this one I was meaning the alternate account part. But this one is just the latest in a string, most of which were vulnerabilities or flaws in the architecture. I could have been more clear though.
Hopefully this crap is contributing to Lemmy overall being stronger. If the developers can plug the holes in the overall architecture so systemic vulnerabilities are minimal, and people make accounts on multiple instances and just switch when one is down, it might take the “fun” out of taking an instance down.
DDOS is a pretty brute-force attack, so it isn’t typically relying on a vulnerability per se. Pretty much the only way to mitigate it is to have large enough infrastructure that you can detect and filter out its gobs of spammy traffic, which no Lemmy instances (at least at the moment) can really practically have. They could potentially use a service like CloudFlare, which does have that infrastructure in place, but that can be expensive. I’d imagine CloudFlare (or a competitor) is probably the best solution they can go with, at least in the short-term.
Yeah, for this one I was meaning the alternate account part. But this one is just the latest in a string, most of which were vulnerabilities or flaws in the architecture. I could have been more clear though.