Last night, GitHub was hit with a massive denial of service attack. Some time Wednesday, scripts belonging to the internet giant Baidu began directing traffic to two specific GitHub pages: one run by GreatFire, and another mirroring Chinese translations of The New York Times. The result for Github was a massive flood of traffic, which built for more than 24 hours before causing partial outages Thursday night. Server logs show a sudden drop in app server availability just before midnight, and page failure rates spiking to 100% just before 3am. Although according to admins, the attack is still ongoing, and recent tweets suggest a surge in attack volume on Friday morning.
We've been under continuous DDoS attack for 24+ hours. The attack is evolving, and we're all hands on deck mitigating.— GitHub Status (@githubstatus) March 27, 2015
Observers are speculating that the attack was meant to enforce Chinese web censorship, knocking out any way for Chinese citizens to circumvent the country's Great Firewall. Last week, GreatFire's mirror sites came under a similar DDoS attack, which threatened to knock the service offline. Because GitHub is served over HTTPS, countries can't block individual pages without blocking the entire site, a feature that's proved extremely useful for anti-censorship services like Great Fire. (Google Reader provided a similar service before it was shut down.) As a result, censors seem to have decided to bring the entire site down, using Baidu's broad reach as a means of generating staggering volumes of traffic.
3/27 11:32am: GitHub is reporting a new surge in the attack; we've updated the piece accordingly.
The attack has ramped up again, and we're evolving our mitigation strategies to match.— GitHub (@github) March 27, 2015
12:11pm: Updated with Baidu's denial and related technical details.