Improved API performance and latency.

This month from Nov. 5th to Nov. 10th, we suffered an increased API response time due to intermittent DDoS attacks, that caused intermittent latency during that period.

What happened?

On Nov. 5th 16:36 UTC, we’ve identified a possible DDoS attack within our network, we’ve identified the source of the attack and have mitigated it while monitoring the servers for any possible future recurrence.We had another attack on Nov. 6th, but we’ve fully mitigated it, so we’ve conducted a technical review to investigate the issue closely.

After two days of investigations, we’ve fixed several possible vulnerabilities in our API and implemented a new mitigation solution, the scale of attack wasn’t huge however abusing the bug caused a major impact on our API.

We improved our load balancing techniques by using HAProxy and we managed to bring back API response time from around ~2s to ~150ms.

Screenshot 2018-11-23 at 17.46.33.png