Two days ago, the popular blogging and content delivery portal Posterous was knocked offline after a DDOS attack, requiring its users to amend their domain records if they were using a custom domain on their account.
In the past hour, Posterous has tweeted that its users should change the A Record on their custom domains a second time; apparently the attackers behind the initial attack have switched focus to the new server IP address, bringing down a large number of Posterous blogs in the process.
If you are a Posterous user with a custom domain and have found your blog is down, you will be able to get your site working again by amending domain settings for what could be a second time:
The above tweet asks users to change their root domain to point to an A record (which should already be pointing to an old address) to 126.96.36.199, and to change their subdomain to point to a CNAME record to posterous.com.
In a bid to rectify its problems, Posterous will be down at 10pm PDT for 2 to 4 hours as its moves datacenters, increasing the capacity of the website and allowing it to combat the DDOS.
M. Jackson Wilkinson, head of UX at Posterous, has been engaging with disgruntled users on the official blog (see comments), issuing the same fixes above to get blogs back up.
According to Wilkinson’s last comment, an explanation of the troubles currently faced by Posterous is being written up which will detail how the company will be amending its technical infrastructure for the future.
Update: Posterous has just updated its official blog with the following information:
This morning, our new IP address, which we announced on Wednesday, began suffering a Denial of Service attack just as the old one had. For those of you who recently switched your custom domains to the new IP, you’ll find that your site is once again down.
We certainly knew there was a risk of this happening, but we were hoping that the attack on the old IP would be the end of it. This morning, our operations team responded by bringing up multiple new servers and reviving the old IP address, which is no longer under attack.
It goes on to describe ways of getting sites back online (detailed above) and explains what the new servers will do for the reliability of the site in the future.
It’s great to see transparency and the free flow of information. Posterous has impressed its users by communicating what was happening through every step of the process, even when it was working hard to bring the sites back up.