Many of you have been emailing me, asking me whether the site was down. Many of you saw a number of notifications telling you that the site couldn’t be loaded when you tried to log into Icy Tales.
The last few days have been really tough on us. As many of you would have noticed, Icy Tales was down for the most part for last three days. It was really agonizing to see all the hard work made not being put up in front of you.
Every organization grows and learns. The downtime happened due to a number of reasons, working simultaneously. Some, we do understand, could have been avoided. I apologize for the downtime that occurred and want to let you know as to why it happened.
Three days ago, we started noticing high spikes in our traffic levels. This made the site crash or become unresponsive. We couldn’t figure out why. We weren’t sure about the reason so decided to have our own VPS server so that we have ample resources to ensure that there is no downtime or overloading issues. There were a number of issues:
- Mails being sent by itself and our SMPT Server Relay Usage Limit being exhausted.
- Spikes in traffic though there wasn’t any corresponding traffic
- High CPU and Physical Memory Usage
As we analyzed it, we understood that the traffic was caused by hackers trying to hack our site.
The Threat of Brute Force Attacks
As we speak, we are still being attacked by hackers. These brute force attacks can be dangerous and can compromise on the security. Basically, in a brute force attack, the attacker tries out different combinations of usernames and passwords and tries to get access. Every day, there are more than a 1000 times fraudulent logins are made with bots. The bots assume that sooner or later, they will get hold of the right password and then the site can be compromised.
This was what caused the site spikes and sent the site crashing down many a times.
What have we done?
Since we got to know this, we have implemented a number of measures.
- We have enabled Sucuri Security, one of the best Security online to thwart the attacks.
- We also have limit login in place, where if you enter incorrect login details for more than 6 times, are blocked out permanently.
- Change of theme that is more secure and easy to view.
We are a site that is just two months old, and as I speak, ranked around 80,000 in the country. We have come a long way in a little time, and as a result, there will be attackers trying their best to compromise the site. We learnt that we really cannot compromise on security and have to take into account our resources more judiciously, and that attacks can happen anytime.
I apologize on behalf of the Icy Tales family for the downtime you experienced. We know that you love reading us and we are sorry that we couldn’t offer you the amazing experience you’ve come to expect of us for the past few days. Now, with Sucuri installed, we have one of the best security systems installed, and hope there will not be any problems in the near future. Please do tell your friends about us and keep visiting us every day for amazing new stories and tales!
With warm regards,
CEO, Icy Tales