Not going to link an article since the party behind the DDoS attack may not be who they say they are (meaning their motivations are essentially unknown) but I figured it might still be worth posting a discussion thread, if only to see what people are going to be doing while AO3 is down.

  • Frost Wolf@lemmy.worldM
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    Source: https://archiveofourown.org/admin_posts/26449

    Posting for Context

    ———

    From approximately 12 PM UTC on July 10, 2023, to 4 PM UTC on July 11, AO3 was largely unavailable due to a distributed denial-of-service (DDoS) attack. We’ve made several changes to the Archive’s technical setup to face this threat.

    The attacks haven’t stopped yet, but we’re doing everything we can to keep the Archive up with minimal disturbance. We don’t know who is responsible for these attacks or the motivation behind them. An online group has claimed responsibility, but there is no reason to believe this claim. According to multiple cybersecurity experts, they are not a reliable source of information and they misrepresent both their affiliation and their motives. If you see any claims from this group, or from anyone else claiming they know who is responsible, we recommend treating them with skepticism. Furthermore, we urge you not to engage in hateful rhetoric against any groups they claim or are reported to represent.

    We’ve been doing our best to provide quick updates as the situation unfolds on the AO3_Status Twitter and ao3org Tumblr. However, we know not everyone follows those accounts or can access these updates, so here’s what you need to know:

    • No Archive data has been compromised. You don’t need to worry about your password or private information. However, if you still wish to do so, our FAQ has instructions for changing your password or updating the email associated with your account.
    • We attempted several different mitigation and blocking methods and settings changes to counter the attack. These brought the site up intermittently, but were not enough to contain the attack. Eventually, we implemented Cloudflare’s Under Attack mode as a temporary—and extremely effective—solution. Cloudflare is a service that provides added security between our servers and the internet. Under Attack mode is not meant to be a permanent part of the Archive’s setup. All content remains on our servers.
    • You may be seeing a Captcha challenge when you access an AO3 page. That happens so that the Archive can make sure you’re a human and not a robot. We know it’s annoying, and we’re sorry! We also know some browsers and older devices aren’t currently able to access AO3. These measures are temporary and will be reassessed once the attack has stopped.
    • In addition to AO3, both the Organization for Transformative Works website and our donation form (which is hosted using a third-party service) were also targeted. We’re working on bringing the websites back, too, but as our donations go through a third-party service, we can’t predict when donors will be able to access it.
    • While our donation form was down, a scammer briefly tried to impersonate the @AO3_Status account on Twitter to get money from fans under false pretenses, but their account has now been suspended. Please be wary of any efforts to get donations for the OTW or its projects at this time, as other scammers may be at work. We can only accept donations through our website once the site can be accessed.
    • For the time being, we have disabled the Support & Feedback form and the Policy Questions & Abuse Reports page. The latter in particular was being targeted with a huge influx of spam as part of the attack. That’s why the form has an emergency “Sorry, you have been blocked” security warning. If you see it, please don’t worry; you haven’t actually been blocked!
    • We have turned off invitation requests for new AO3 accounts as a precautionary measure against spammers. If you already have an invitation, you can still use it to create an account. If you’re in the queue and waiting for an invitation, it will be a few days. - We’ll let you know on Twitter and Tumblr when we start sending invitations again.
    • What can you do to help? Keep browsing AO3 normally. Kudos and bookmark each other’s works as you usually do, publish new works and chapters, and leave plenty of comments! If the site is a bit slow to load, just try again. We’ll continue to do everything we can to make sure AO3 works as smoothly as possible for everyone, but there may be the occasional hiccough while these attacks continue. We’re disabling comments on this post because this situation is still unfolding and taking up all the focus of our all-volunteer team, so we can’t monitor or reply to comments here at this time.

    However, please know that we see and appreciate all the supportive messages and cute gifs you’ve been sending in the replies to our posts and tweets in the past couple of days. We’re incredibly grateful for your support! ——— Posting for context

    Thank you for posting this news. :)

  • Lando_@lemmy.worldOP
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    I guess I’m going to have to actually do some writing. Haha.

    The timing on this is funny though because I had just put a new chapter out on Sunday, which was my first time updating my long fic in close to eight months so there were probably a couple of readers who got the notification, thought “oh, I’ll check that out later” then didn’t get the chance to.

    I’m a little worried about the articles that are suggesting it may be weeks before AO3 is back up though.

    I don’t know how hard it is to get the servers back up (or if the attack is still going on) but I’ll probably make a donation once they do have it up just for all their hard work.

    • Frost Wolf@lemmy.worldM
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Oops, ironically, I was reading on my kindle. So I didn’t even notice it was down. I guess this counts as procrastination still? 😆

    • SleazyCommunist@lemmy.world
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      1 year ago

      I also said to myself this is a sign to stop procrastinating and actually work on writing. Yet here I am, not doing that. More interested in who decided a fanfic site was worth a DDoS attack, besides the obvious just for fun.