kycnot.me has been under a DDoS attack for over 8 hours. We had to turn on Cloudflare protection as no other solution was working. We're working to remove Cloudflare and bring the site back to normal.

Discussion

The DDoS is still ongoing. We've been hit with over 300M requests in the last hour, ~100k rps.

The attack continues. We've tried multiple defenses (rate limits, Anubis, etc.) but only Cloudflare is working. We're looking to find alternative solutions, but removing it causes service outages. It's been 24h of attack and over 1 billion requests as of now.

Over the last 6 hours we received 3 billion requests. The attack is still going on and has intensified.

Almost 9 billion requests, that's over 100k rps... The attack is not stopping, however the server seems stable thanks to DDoS protection. We've set up DDoS-Guard now, we were previously using Cloudflare.

Do not use Cloudflare. Cloudflare is a Trojan horse to control the entire internet. Realistically, the World Elite have accomplished their goal of controlling the whole internet.

The attack is still ongoing, peaking at >15 billion requests in 4 days, but intensity has dropped. Thanks to server optimizations, cache improvements, and anti-DDoS measures (without Cloudflare), the site is now usable, though downtime may still occur.

The DDoS attack is now targeting our Tor site. The hidden service is currently offline as we work to mitigate the attack and see if we can keep it up. Please use the clearnet site in the meantime.

The only official onion address is in our footer (kycnotmezdifta...). Stay safe.

I think you guys need to do this:

Create Page Rules in your Cloudflare dashboard:

Go to Rules > Page Rules

Add a rule for your API endpoints:

URL pattern: yourdomain.com/api/*

Set "Security Level" to "Essentially Off"

Toggle "Browser Integrity Check" to Off

Add another rule for protected pages:

URL pattern: yourdomain.com/page/*

Set "Security Level" to "High" or "I'm Under Attack"

Enable "Browser Integrity Check"

Configure Firewall Rules (optional for more control):

Go to Security > WAF

Create a rule that bypasses security for API endpoints

Rule name: "Allow API Access"

Expression: (http.request.uri.path contains "/api/")

Action: "Bypass"

Set default protection level:

Go to Overview > Security

Set your default Security Level to Medium or High

Adjust Bot Fight Mode settings in Security > Bots if needed

This configuration will allow direct access to your API endpoints while forcing browser verification

Why is POW not a thing here?

Technically it is, but usually DDoS attacks take over other people's resources and coordinate. POW by stealing essentially others' resources, typically without them knowing.

Much like mining BTC from an Airbnb. POW, by stealing.

I think that only works on Tor.
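
Added example, not part of the thread and not kycnot.me's or Anubis's code: a minimal stateless proof-of-work challenge of the kind the POW replies discuss, plus the per-bot cost when the ~100k rps reported above is spread over a botnet. The key, client identifier, difficulty and botnet size are constructed assumptions.

```python
import hashlib
import hmac

SERVER_KEY = b"constructed-demo-key"  # assumption: a real server uses a random secret

def _tag(msg: str) -> str:
    return hmac.new(SERVER_KEY, msg.encode(), hashlib.sha256).hexdigest()

def issue_challenge(client_id: str, difficulty: int, now: int) -> str:
    """Stateless challenge: the HMAC binds client, difficulty and issue time."""
    msg = f"{client_id}|{difficulty}|{now}"
    return f"{msg}|{_tag(msg)}"

def leading_zero_bits(digest: bytes) -> int:
    bits = 0
    for byte in digest:
        if byte:
            return bits + 8 - byte.bit_length()
        bits += 8
    return bits

def _work(challenge: str, nonce: int) -> int:
    return leading_zero_bits(hashlib.sha256(f"{challenge}|{nonce}".encode()).digest())

def solve(challenge: str) -> int:
    """Client side: brute-force a nonce, about 2**difficulty hashes on average."""
    difficulty = int(challenge.split("|")[1])
    nonce = 0
    while _work(challenge, nonce) < difficulty:
        nonce += 1
    return nonce

def verify(challenge: str, nonce: int, client_id: str, now: int, max_age: int = 120) -> bool:
    """Server side: one HMAC and one hash, no stored state."""
    try:
        cid, diff, issued, tag = challenge.split("|")
        difficulty, age = int(diff), now - int(issued)
    except ValueError:
        return False  # malformed or wrong number of fields
    genuine = hmac.compare_digest(tag.encode(), _tag(f"{cid}|{diff}|{issued}").encode())
    if not (genuine and cid == client_id and 0 <= age <= max_age):
        return False  # forged, replayed by another client, or expired
    return _work(challenge, nonce) >= difficulty

def hashes_per_bot_per_second(total_rps: float, bots: int, difficulty: int) -> float:
    """Expected hash rate each bot needs to sustain total_rps through the challenge."""
    return total_rps / bots * 2 ** difficulty

# 100k rps over an assumed 10,000 bots at difficulty 16: 655,360 hashes/s per bot
PER_BOT = hashes_per_bot_per_second(100_000, 10_000, 16)
```

The cost per request is fixed by the difficulty, but it is divided across every machine the attacker controls, which is the point the reply about stolen resources makes.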