Message:

I have been getting some emails and seen a chatter here about issues with my spotting site.

Basically what happened is that my site started getting large denial-of-service attacks with SQL injection attempts. Those were not targeting the spotting site but other sites on the same server.

My original mitigation strategy has been to block IP by IP when they hit the server. But this time the volume was much larger than ever before and when blocking about 250,000 IPs it started to slow the server down. That's because when a request comes in, it has to scan through that long list... and with volume of 10-20 hits per second that because excessive.

Btw, the total volume was about 1-1.5 million hits per day from 200,000-300,000 different IP addresses. I don't really know total count of different IPs because like I said, server couldn't add more without slowing down too much. It could have been over a million different IPs from various botnets.

I'm hopeful that problems have been resolved. All my sites now have Cloudflare CDN in front of it blocking these requests so they don't reach the origin server anymore and server is now acting very fast after all these hostile requests have gone away.

Cloudflare is supposed to be free... but let's see if they find ways to say I have exceeded their free tier limits and want to start charging me. If that happens, not sure what else can be done because the spotting site hasn't exactly caused me to quit my daytime job yet.

Thanks for hanging in there. If you notice any more problems please don't hesitate to reach out directly.

Call: W6RK 5/14/2026