Today, like the past few days, we have had some downtime. Apparently some script kids are enjoying themselves by targeting our server (and others). Sorry for the inconvenience.
Most of these 'attacks' are targeted at the database, but some are more ddos-like and can be mitigated by using a CDN.
Some other Lemmy servers are using Cloudflare, so we know that works. Therefore we have chosen Cloudflare as CDN / DDOS protection platform for now. We will look into other options, but we needed something to be implemented asap.
For the other attacks, we are using them to investigate and implement measures like rate limiting etc.
The kinds of people who do these things can have different motivations.
Some DDOS operators are "hired goons" who will DDOS whomever they're paid to. However, in order to demonstrate their capabilities, they need to do some damage first. If they can cause a big outage, they can later point to that outage and say "we did that" as proof that they're capable of doing damage.
Some DDOS operators are ideological or identity/drama-driven. They decide that they have a Cause, and that this justifies doing some damage. The same groups might do DDOS and also harassment, doxxing, spamming, etc. — their goal is to cause misery to the Bad People and "drive them off the Internet" by whatever means they find handy.
Some DDOS operators are just plain extortionists. They crash a site once or twice, then threaten to keep doing it forever until the site owner pays them off.
Some DDOS operators are bored kids making trouble.
Some DDOS operators are nation-state agencies trying to censor foreign sites that say things they don't like. In one case, the China government attacked GitHub to get at the anti-censorship site GreatFire.