Oct 26, 2022

Goblins attacking


For the first time, The Forge has endured a major DDoS attack.

For those unaware of what a DDoS attack is, it stands for "Distributed Denial of Service". This is a fancy way of saying that one or more people attempted to access our site so many times that the website was unable to respond to anyone anymore. For a real-world analogy, think of it like a group of people doing a sit-in in front of a building, blocking the entrance and preventing others from entering because it is too crowded.

Rest assured, this type of attack does not put your account at risk in any way. We have not had a data breach, nor were our servers hacked. Nowadays, it is fairly easy for malicious actors to attempt a DDoS attack. A standard DDoS attack is merely the equivalent of pressing refresh on your browser, albeit hundreds of thousands or even millions of times within a short span of time. There are tools and services people can buy online to carry out these attacks. In the end, the "distributed" part of the denial of service is just having multiple computers spread around the world attacking the website until each server being attacked is oversaturated in bandwidth and CPU requests.

As you can observe from the graph below, we had an increase of 100-200 times the number of requests being sent to our servers, which is what caused the servers to be overloaded, and caused the interruption of service you noticed on Thursday night, and at intermittent, brief points throughout the weekend.

Traffic for forge-vtt.com

We've had previous, smaller disruptions on our service due to spikes in usage before, especially when The Forge was younger and our server infrastructure less sophisticated. These were likely the result of "script kiddies" (irresponsible people clicking buttons on downloaded attack software). The DDoS attack on Thursday, October 20th, 2022 was unique in that it was a sustained attack by a malicious actor trying to purposefully bring The Forge's services down, and in that they've attempted multiple repeat attacks over the following days. We do not know their motives at this time. It could be that we were a convenient target, the result of a disagreement with a GM, or something equally silly.

What is important to note is that these sustained attacks are illegal, and criminal in nature. We've gathered evidence to provide to authorities, in order to pursue the criminals behind this act to the full extent of the law. We are also working to improve our DDoS protection mechanisms for the future.

It is saddening to see someone maliciously trying to ruin the gaming experience for so many of our users. We're doing everything within our power to mitigate these issues for the future, and to keep our services running smoothly for everyone. We've implemented multiple protections already, and are continuing to implement more in order to have a more robust service for everyone.

While the month of October is a spooky time for all who enjoy Halloween, it has been an unfortunately spooky time for The Forge as well. In addition to these DDoS attacks, we've also been dealing with some service disruptions caused by problems with our service provider. We'd like to thank everyone for their patience and understanding, and we sincerely apologize for any disruptions you may have had in your games.

We are gamers just like you, and service outages are hard to swallow, especially when it's game time. For this reason, if your game was impacted by these service disruptions, we'd like to offer a special one-time credit you can apply against your next bill. We know this can't replace the enjoyment and memories that your affected Forge VTT game(s) would have brought, but we hope that this helps to restore your confidence in us. So if you were directly impacted by the outage and were forced to cancel your planned games, let us know.

We hope this clarifies the situation for our Forge users. If you're not already, we invite you to join us on our Discord server, where you can join our growing community and receive notifications for any service-related announcements. We continue to strive to provide transparency for our service, and we'd like to thank you all once more for your patience and understanding.