The self-inflicted denial of service

28/11/2014

The websites we typically deal with have up to 3,000 visitors per minute, which classes them as busy – not quite Google standard (who have 34,000 searches per second) – but certainly busy business websites serving a good number of customers per day.

Today, however, the Ebuyer website (an electronic commerce retailer) has been dealing with over 300,000 visits per minute – one hundred times more than normal. Or rather, I should say, it has *not* been dealing with them.

What began as a clever marketing ploy has turned a bit sour for the online electronics giant who, by accident, have successfully arranged a denial of service attack on their own site. The saddest bit is, they’ve timed it to re-occur once per hour for the whole day.

What does this actually mean?

I’ll explain. Ebuyer have been promoting a campaign recently which started today – a £1 clearance deal, with ticket items with an RRP of £200 or more going for just a pound! Their marketing team geared up the social side of things with promotions across Facebook – and then, when the allotted hour arrived, it fell flat on its face. The number of people that visited the site was more than they were prepared for and, in simple terms, the website gave up.

Harsh – but it’s a reality that businesses need to face – that not all bright ideas are actually good when businesses are not properly prepared.

Why did the site break?

Well, it’s an occurrence known as distributed denial of service (DDoS). In the past (and present), malicious hackers have arranged for thousands of computers to connect to a server all at the same time – and the server simply couldn’t cope with the amount of data it was being asked to manage. It’s a little like having a billion browser windows open at the same time – sooner or later the computer fails to keep up with demand and cannot function.

An example of an attack like this might be ‘Operation Payback’ by the hacker group ‘Anonymous’, who targeted US copyright groups and government websites. This is very likely not what happened to Ebuyer, or at least it was not likely targeted by a group; more likely, it crashed due to a self-inflicted DDoS – a massive surge of users trying to connect at the same time.

Unfortunately, these situations can slip out of control very quickly due to human behaviour. What often happens is that someone will try to connect – and it will be slow. They assume there’s a problem, so hit ‘refresh’, or click the link again. This creates another connection to the website – and escalates the problem. Frustrated users may hit refresh lots of times – or open new windows, assuming it’s a problem at their end. The already struggling hardware groans, and eventually the inevitable happens – the website is simply unable to cope and ‘breaks’.

How can this be fixed?

Speaking from experience, fixing this sort of issue is a nightmare. Depending on how Ebuyer’s architecture is set up, they may be able to roll out extra capacity ‘hot’ – i.e. they may be able to effectively add in extra servers (or processor power) on the fly. If they aren’t on a flexible system, all they can really do is cut some people off, which is dreadful for the user experience.

Either way, it’s a shame; and it will undoubtedly hurt them in the short term. What will be interesting for Ebuyer is the medium term – what will they do to appease an angry customer base – and will people remember next time and vote with their feet?

Years ago, I consulted for a well-known men’s magazine – and every Friday, they would send out an e-mail to half a million users listing their ‘website of the week’. 10 minutes later, those sites would have crashed, as a flood of readers hit them all at the same time.

This is an old problem; Ebuyer should have known better, and anyone considering a similar plan – to drive a large number of users to their site at the same time – should ensure they have fully prepared with a rapidly scalable web environment or consider a strategy that spreads out visits over a longer period rather than all at once.
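
The refresh spiral and the two remedies described above (holding people back at the door, or spreading visits out) can be compared in a small simulation. This is an added example, not part of the original article and not a model of Ebuyer's real systems; the capacity of 30,000 requests per minute, the three refreshes per frustrated visitor, and the `simulate` and `compare` names are all assumptions made for illustration.

```python
# Toy model added for illustration; every number below is an assumption,
# not a measurement of Ebuyer's site. One tick = one minute. The back end
# completes `capacity` requests per tick. A visitor who was not served
# refreshes, and from then on costs `refreshes` requests per attempt.

def simulate(arrivals, capacity, refreshes=3, waiting_room=False):
    """Return (minutes_to_clear, peak_load_on_back_end, served_per_minute)."""
    pending = list(arrivals)
    retrying = 0   # visitors refused at least once, now hitting refresh
    queued = 0     # visitors held in line by the waiting room
    peak, history = 0, []
    while pending or retrying or queued:
        new = pending.pop(0) if pending else 0
        if waiting_room:
            # The front door admits only what the back end can finish; the
            # rest keep their place in line and open no extra connections.
            queued += new
            served = min(queued, capacity)
            queued -= served
            load = served
        else:
            users = new + retrying
            load = new + retrying * refreshes  # duplicates inflate the load
            if load <= capacity:
                served = users
            else:
                # Capacity is shared across all requests, so work spent on
                # duplicate connections serves nobody new.
                served = capacity * users // load
            retrying = users - served
        peak = max(peak, load)
        history.append(served)
    return len(history), peak, history

SPIKE = [300_000]    # the article's 300,000 visits arriving in one minute
CAPACITY = 30_000    # assumed: ten times the article's 3,000 per minute

def compare():
    return {
        "no control": simulate(SPIKE, CAPACITY)[:2],
        "waiting room": simulate(SPIKE, CAPACITY, waiting_room=True)[:2],
        "spread over 10 min": simulate([30_000] * 10, CAPACITY)[:2],
    }

if __name__ == "__main__":
    for name, (minutes, peak) in compare().items():
        print(f"{name:>18}: cleared in {minutes} min, peak {peak:,} req/min")
```

Under these assumptions the uncontrolled spike takes 28 minutes to clear and peaks at 810,000 requests per minute, while the waiting room and the spread-out campaign both clear the same crowd in 10 minutes without the back end ever seeing more than 30,000.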