Blocking suspect IPs

Hey folks, we’ve been handling a fair bit of excess traffic over the last week or so. We’ve largely been able to keep the impact on the platform to a minimum and are working on longer-term changes, but right now we’re going to start blocking requests from some IP ranges associated with this sort of traffic as a partial solution / experiment.

It’s likely that some valid traffic will be caught up in this block - we apologize for the bother and hope it will be minimal; please let us know at support@glitch.com if you’re being negatively impacted.

Cheers;
cori

wouldn’t just implementing a captcha on suspicious traffic (like what cloudflare does) be simpler instead of just blocking IPs?

Classic use of “just”, right there :wink:

1 Like

My general expectation is that implementing anything is rarely simpler than an off-the-shelf solution, though i agree overall that this is a less-than-ideal response.

We do have a number of hopefully-less-invasive alternatives we’ve been planning to explore but those and any other changes we might consider take time and effort that we don’t have the bandwidth for right now.

Yeah I probably should have used better wording there. I was trying to say that it would be much less invasive but still easy to implement.

A PoW captcha like altcha could be used if Glitch prefers using self-hosted software

excess as in over the 4k requests per hour quota?

1 Like

far, far in excess of that, aye.

2 Likes

Just an update here-- to continue working to protect the platform from an influx of unwanted traffic, we’re in the process of rolling out some networking changes that we normally would have scheduled in advance if we were making them on our own terms.

It is possible that those changes will interrupt the availability of your projects and so we’ve updated our Status Page to reflect that. Please know that we’re working hard to keep things running as smoothly as possible throughout these changes.

Thanks!

5 Likes

Another update. The lion’s share of the work is complete, but a few tasks still remain for custom domains. Those are high-priority when the team comes back online.


We have made some networking changes, and projects are running as expected. A remaining side effect is that original Glitch custom domains are not routing to projects, including glitch.new functionality. We hope to restore that functionality in the next few days.

Eek, could we hear the latest ETA on restoring sites hosted with old-style custom domains?

PS: Looks like you got it restored in a matter of hours! Thank you so much! :heart: :rocket:

Is this what is currently blocking all websocket services?

1 Like

I wish that in the future custom domains were as easy as the original ones were to add. The new ones are a hassle to implement and don’t even support Cloudflare proxying while the old ones just worked — they were super easy to add too

2 Likes