API Calls During DoS Attack


Dewald Pretorius

Aug 6, 2009, 3:35:46 PM
to Twitter Development Talk
Chad,

I know it's a little late in asking, but should we switch off cron
jobs that make a lot of API calls while this DoS is going on, or while
you are recovering from it?

I don't want my IP addresses to be blocked because they are making a
lot of calls! I've seen in the past that Ops lay down carpet bombing
with cluster munitions when under attack.

Will it help you to recover if we switched off the cron jobs?

Right now most of my connections are just being refused.

Do you guys at least check against the list of white listed IP
addresses before you block an IP address in times like these?

Will there be innocent bystanders caught in the cross-fire again?

This is the kind of info that we developers need...

Dewald

Jonathan

Aug 6, 2009, 3:52:12 PM
to Twitter Development Talk
I would also appreciate an answer to this question. My calls to the
Search API are failing because of circular redirection, and

curl http://twitter.com

returns nothing at all from my production server, which seems like a
sign that its IP has been blocked.

My app works fine from my dev box.

-jonathan

Account Support

Aug 6, 2009, 4:30:37 PM
to Twitter Development Talk
I turned our crons off, just to be safe. Plus there isn't much of a
point of running them when the majority of the api calls still aren't
getting through.

Alex Payne

Aug 6, 2009, 4:40:07 PM
to twitter-deve...@googlegroups.com
We're talking to our operations team about it, who in turn is talking
to our hosting provider. It seems that some aggressive IP filtering
may have been catching some web-based third-party Twitter
applications, as well as data centers used by mobile providers.

--
Alex Payne - Platform Lead, Twitter, Inc.
http://twitter.com/al3x

Mario Menti

Aug 6, 2009, 4:56:40 PM
to twitter-deve...@googlegroups.com
Thanks Alex - just to confirm, no requests from twitterfeed have been getting through ever since the DOS attack. It does appear to be IP based, as requests from non-production machines (ironically the non-whitelisted IPs) get through, but all production IPs appear to be blocked.

twitscoop

Aug 6, 2009, 4:54:45 PM
to Twitter Development Talk
Hi Alex,

Same thing happening to twitscoop. Our production IP is being blocked
for all streaming apis, oAuth api etc.

Do we need to send an email to the usual api address or have you
identified the third-parties being affected?

Please let us know if there is anything we can do to help.

Many thanks in advance.

Regards,

Pierre
co-founder twitscoop.com

On Aug 6, 10:40 pm, Alex Payne <a...@twitter.com> wrote:
> We're talking to our operations team about it, who in turn is talking
> to our hosting provider. It seems that some aggressive IP filtering
> may have been catching some web-based third-party Twitter
> applications, as well as data centers used by mobile providers.
>
>
>
> On Thu, Aug 6, 2009 at 12:52, Jonathan<twitcaps.develo...@gmail.com> wrote:
>
> > I would also appreciate an answer to this question. My calls to the
> > Search API are failing because of circular redirection, and
>
> >     curl http://twitter.com

Hayes Davis

Aug 6, 2009, 5:30:09 PM
to twitter-deve...@googlegroups.com
I'm also seeing this same behavior for my whitelisted production IPs for CheapTweet.com and TweetReach.com. (Those were whitelisted under the @CheapTweet and @appozite accounts, respectively.) It works in development, but no requests are getting through to twitter.com on our production servers.

I know you all have a lot on your plate right now but let us know what we can do to get un-blocked.

Hayes
--
Hayes Davis
Founder, Appozite
http://cheaptweet.com
http://tweetreach.com

stephane

Aug 6, 2009, 5:35:00 PM
to Twitter Development Talk
Same thing here on google appengine side for www.twazzup.com

Stephane
@sphilipakis
www.twazzup.com

On Aug 6, 2:30 pm, Hayes Davis <ha...@appozite.com> wrote:
>  I'm also seeing this same behavior for my whitelisted production IPs for
> CheapTweet.com and TweetReach.com. (Those were whitelisted under the
> @CheapTweet and @appozite accounts, respectively.) It works in development,
> but no requests are getting through to twitter.com on our production
> servers.
>
> I know you all have a lot on your plate right now but let us know what we
> can do to get un-blocked.
>
> Hayes
> --
> Hayes Davis
> Founder, Appozite
> http://cheaptweet.com
> http://tweetreach.com
>
> On Thu, Aug 6, 2009 at 3:56 PM, Mario Menti <mme...@gmail.com> wrote:
> > Thanks Alex - just to confirm, no requests from twitterfeed have been
> > getting through ever since the DOS attack. It does appear to be IP based, as
> > requests from non-production machines (ironically the non-whitelisted IPs)
> > get through, but all production IPs appear to be blocked.
>
> > On Thu, Aug 6, 2009 at 9:40 PM, Alex Payne <a...@twitter.com> wrote:
>
> >> We're talking to our operations team about it, who in turn is talking
> >> to our hosting provider. It seems that some aggressive IP filtering
> >> may have been catching some web-based third-party Twitter
> >> applications, as well as data centers used by mobile providers.
>
> >> On Thu, Aug 6, 2009 at 12:52, Jonathan<twitcaps.develo...@gmail.com>
> >> wrote:
>
> >> > I would also appreciate an answer to this question. My calls to the
> >> > Search API are failing because of circular redirection, and
>
> >> >     curl http://twitter.com

Paul Kinlan

Aug 7, 2009, 4:46:21 AM
to twitter-deve...@googlegroups.com
I concur with stephane, all requests from the app engine fail for twollo too.

Paul


Dewald Pretorius

Aug 7, 2009, 6:42:18 AM
to Twitter Development Talk
They are definitely still actively blocking all volume requests.

I noticed this morning that my website was working. Checked, and my
rate limit was back to 20,000.

So, I switched on one of my cron jobs, and within less than 5 minutes
all requests from my IP were being completely blocked again.

Wonder just how big are these woods that Twitter has to come out of.

Dewald

Hedley Robertson

Aug 7, 2009, 9:48:17 AM
to twitter-deve...@googlegroups.com
Yes, seems like this is some sort of IP based blocking that they introduced, since one of my production servers started failing yesterday, then the other server, on a different IP, which was consistently working, started failing later in the evening.

Any suggestions on who I can contact directly to get this resolved? I filled out the 'whitelisting form' just now, but never had to worry about it in the past as my application is not abusive with rate limits, and not sure if this is the best channel anyway, since it's more of an incorrect / misapplied blacklisting issue, it would seem?

Hedley

Zaudio

Aug 7, 2009, 10:47:31 AM
to Twitter Development Talk
I'm getting the same problem with bullsonwallstreet.com - previous
whitelisted rates of 20000 now down to 150... not recovered yet.

And I throttle all requests to a pretty low level for the REST API...
but still down at 150!

Let's hope that this attack ends soon, and honest users can have the
performance needed back again soon!

Simon


Vignesh

Aug 7, 2009, 11:45:41 AM
to Twitter Development Talk
I have a site on app engine twivert.com, api calls are failing and my
requests are less than 2 every hour at this stage

Jonathan Joyce

Aug 7, 2009, 12:15:46 PM
to twitter-deve...@googlegroups.com

We have seen the rates for our app go from 20,000 to 150 and back to 20,000 over a short interval. It is causing complete havoc to our traffic as 150 requests are used up in a matter of minutes and we have no notice about the change happening. 

This is not affecting an optional cron job, this is for normal usage to make requests on behalf of our users. If we are limited then the user feels it immediately.

Can you ring fence those white-listed addresses that you recognise as totally legitimate - even if it requires an intensive manual exercise - and then just stabilise things for these sites? Is that being attempted at all? The IP addresses of every app for users of this thread would be a great start!

The IP address I am most concerned about is for Twibbon.com: 174.129.249.253

I appreciate these are difficult times. 

Anything you can do would be much appreciated.

Jonathan

Founder - Twibbon.com
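
An added example, not part of any post in this thread: a client-side gate for the cron jobs discussed above that backs off when connections are refused and paces batch calls against whatever quota is currently reported, with the 20,000 and 150 figures from the thread used as constructed input. The class, the field names and the 50% reserve for user-facing calls are assumptions of this example, not part of Twitter's API.

```python
from dataclasses import dataclass

@dataclass
class Observation:
    """Result of one API attempt as the client saw it (hypothetical fields)."""
    ok: bool             # False: connection refused, timeout or empty reply
    remaining: int = 0   # calls left in the current rate-limit window
    reset_in: int = 0    # seconds until that window resets

class CronGate:
    """Chooses the wait before a batch job's next API call."""

    def __init__(self, base=60, cap=3600, reserve=0.5):
        self.base = base        # first back-off step, in seconds
        self.cap = cap          # longest back-off, in seconds
        self.reserve = reserve  # share of the quota kept for user-facing calls
        self.failures = 0

    def next_delay(self, obs: Observation) -> float:
        if not obs.ok:
            # Refused or empty replies: back off exponentially instead of
            # retrying at full volume from an address that may be filtered.
            self.failures += 1
            return float(min(self.base * 2 ** (self.failures - 1), self.cap))
        self.failures = 0
        # Spread the batch share of the quota evenly over the window, so a
        # limit that silently drops (20,000 to 150) is not spent in minutes.
        usable = int(obs.remaining * (1 - self.reserve))
        if usable <= 0:
            return float(obs.reset_in)
        return obs.reset_in / usable

def replay(observations):
    """Run a sequence of observations through a fresh gate."""
    gate = CronGate()
    return [gate.next_delay(o) for o in observations]

# Constructed sample: normal quota, the cut to 150, then refused connections.
SAMPLE = [
    Observation(ok=True, remaining=20000, reset_in=3600),
    Observation(ok=True, remaining=150, reset_in=3600),
    Observation(ok=False),
    Observation(ok=False),
    Observation(ok=False),
]

if __name__ == "__main__":
    print(replay(SAMPLE))
```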


vp

Aug 7, 2009, 6:20:53 AM
to Twitter Development Talk
All API calls from LinksAlpha.com are also failing. Please let us know
if there is a way to get IP address whitelisted.

Thanks

AdamHertz

Aug 7, 2009, 11:54:14 AM
to Twitter Development Talk
Our site (tunein.com) is getting 408s from the OAuth API; also, our
daemons that do friend timeline calls have been getting empty results
since 11 PM last night.

kabayan

Aug 7, 2009, 12:53:23 PM
to Twitter Development Talk
Failed IP 206.225.19.45
Japan
Docomo

Josh Roesslein

Aug 7, 2009, 5:18:01 PM
to twitter-deve...@googlegroups.com
I've noticed that friends_timeline when supplied a count parameter will return nothing.
Other parameters seem to work okay.
--
Josh

kabayan

Aug 8, 2009, 11:30:24 AM
to Twitter Development Talk
Now I tested again, works well via docomo.