I'll just chime in with what we have been seeing.
We run mirror servers in multiple countries (US, UK, SG, AU), and ALL of
the EPEL mirrors have been getting hit with DDoS Flood Attacks.
One of the Micro mirrors we had to shut down completely here in the US.
On 2024-04-02 10:35, Carsten Otto wrote:
Hi,
I'm one of the admins of ftp.halifax.rwth-aachen.de, which offers fedora
and fedora-epel among other distributions and projects. I've recently
noticed that many Fedora users (including EPEL, CentOS, and BlackArch)
frequently re-download "repodata" files that haven't been updated since
the previous request.
As some of those files are rather large ("filelists") and others are hit
extremely often, I added fail2ban rules to deny users access to our
service for some time.
Please adjust your software so that file mirrors like ours are not
(ab)used like this. Files that haven't been changed usually shouldn't be
downloaded.
Thanks
Carsten
--
_______________________________________________
Mirror-admin mailing list -- mirror-admin(a)lists.fedoraproject.org
To unsubscribe send an email to mirror-admin-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/mirror-admin@lists.fedorapr...
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue