You are reading a single comment by @Velocio and its replies.
Click here to read the full conversation.
-
Predominantly from one IP.
And low enough in HTTP requests per second to fly just under the CloudFlare automated detection radar, but enough to eventually overwhelm these servers.
There was a rehearsal first, but that was nearly all cached and didn't affect us at all. Then there was the attack itself.
Attachment shows rehearsal and then the attack.
1 Attachment
From just one IP or many IPs in the same range?
Just one IP and it could just be someone's misconfigured browser or even a buggy script.