Most likely the HN Hug of Death® had gone into effect. It's capable of incapacitating any sort of system without load balancing as soon as that system is linked from the front of Hacker News.
When did the Slashdot effect get renamed to Hug of Death? Anyway, 'tis broken for me too.
There must be quite a few hits on your website when HN links it. nginx out of the box can handle quite a lot of connections, assuming that it isn't trying serve something too complicated on each one.
I believe the phrase originated from Reddit many years ago, where the audience isn't fully familiar with the phrase's previous incarnation.
Since then it has been reappropriated widely on HN and Imgur and any place where people gather and unwittingly cause a denial of service with the best of intentions.
Thank you. I can't say I've been keeping up with my memes n that. The damn kids must have grown up or something!
I have to say, it is quite fun watching words, phrases and ideas being made up on the fly at a prolific rate these days. I can still remember reading about memes in a Richard Dawkins book and a few years later the concept was coerced wholesale by the internets. I still remember thinking "what the fuck is a roflcopter" and then suddenly achieving enlightenment. My granddaughters were born with thumbs that can doom scroll.
Nowadays are properly weird and will continue to get weirder. Despite that it will also continue to be normal.
HN itself runs on one average sized server. This looks like a blog serving static content which should never go down if you put something like CF in front of it.
If you’re just serving static HTML, HN should not be a problem. It’s only if you’re running code (and database queries) for every request that your server might go down in flames.
This might not work the same for a fresh port on an alternative system. For example: I have no idea how many open connections reactos could handle on the kernel-side with a standard config.
My blog was hugged once. Static webpage served with golang's net/http. Not more than 2% cpu load (single core), 20-30 requests/second. The problem was the default number of file descriptors. Once bumped that, all went well for the next few hours.
While the page was running on HTTPS, @timeoperator must have posted this (without me realizing it). Shortly after, the site was down due to the HN Hug of Death®. However, at the time, I thought it had something to do with my recent HTTPS change, so I rolled it back. As a result, the HTTPS link posted here stopped working.
In addition, I wanted to be smart and added a Strict-Transport-Security header:
So people who had accessed the HTTPS version (while it was active for a few hours) would never see the non-HTTPS version again.
I didn’t expect it to get so much attention, so next time I attempt something like this, I’ll perform proper load tests, have a dev deployment in place, and check access logs more often!
Over the last few months we've seen so many "Page served from..." and most of them are just DOA.
Why can't people put a little effort and host those pages on their hardware/software of choice but at least put them behind some CDN (at least for static resources)?
Because when people do serve them from behind a CDN people rush to the comments to lambast them for not serving every request from the system in question.
Right, Certbot doesn’t work because of an issue with Python, however, it’s easy to generate the certificates elsewhere and inject them into the virtual machine.
> Maybe there's no SSL/TLS library that works on it at all.
There is, but the OS needs to be patched to fix a socket issue (see https://github.com/reactos/reactos/pull/4086 which was never merged because of side effects). The patch does seem to work for my use case and I had actually the site running on HTTPS, but a few hours later it become unresponsive. I didn’t realize that this was probably just due to the HN DOS. I will give HTTPS another shot later today.
Maybe it wasn't meant for HN, but actually for someone's blog that only gets a few hundred hits a day if it's a very successful blog. Going out on a limb here.
I think people who make these pages neither anticipate nor aim for getting to the front page of HN or other large audience. This us why they don't spend time setting up.Cloudflare and such.
Then somebody posts a link, which, against all odds, gets enough upvotes, et voilà, their hardware is melting under the load
Exactly! I had only posted the link on www.reddit.com/r/reactos and didn’t expect it to get attention from a wider audience :-) Also, I deliberately avoided CDNs and caches to see if the source system can handle the load. I know that this woudn’t make any sense in real-world scenario, but for this project, this was part of the fun.
Yeah, but not necessarily ReactOS’s fault! The machine it’s running on doesn’t have much power as I didn’t expect it to get much attention really. Also see my notes regarding the HTTPS link that was temporarily broken: https://news.ycombinator.com/item?id=32480404
