Reddit’s involvement – whether good or bad – in the hunt for leads in the Boston bombings case does not appear to be the reason for ongoing site outages. For those who can access the service today, a banner is informing visitors that “site availability continues to be impacted by a malicious DDoS attack.”
The company announced that it was experiencing a DDoS early this morning, later confirming that the attack was indeed malicious – meaning, not a result of an influx of organic traffic to the site from those who had come to peruse the many high-profile threads discussing the suspects in the Boston bombings case.
As morning drifts into the afternoon, the Reddit DDoS now continues, though the company reports that it has mitigated part of the DDoS at this time. However, certain site functions will be disabled until Reddit has fully recovered, the official Reddit Status account informs users.
Naturally, there are now several Reddit posts regarding the DDoS with more information. Reddit admin/moderator “alienth” (aka Reddit Systems Admin Jason Harvey) posts that the site has not seen attacks at this scale before, and that the traffic levels are much higher than what the heavily visited Boston thread generated. “Orders of magnitude more. Also very obviously fake URLs were being slammed,” he noted in a post, sharing this image (see below) of the DDoS on Reddit’s backend systems.
The graph represents the requests that made it to Reddit’s secondary load balancing server. “What we’re facing is orders of magnitude larger than what natural traffic looks like,” he explains in his post.
Harvey also says that the site is being aided by Akamai, its CDN, in helping to mitigate the attack.
For those of you who don’t understand hacking and DDoS attacks, one Redditor in the thread posted a link to this. We think it helps explain:
More to come.
Update: Though the Reddit Twitter account has not posted an update, the site is no longer showing the warning banner – and it appears to be functional.