Some details from my perspective...
1. OAuth rarely works - I tried a number of your apps and it seems
to work 1
out of 6-7 times. As a note, it worked better with Safari, but not
Sporadic all day today. At its worst I'd agree that about 1 in 7
succeeds, but it often performs better than this too, whilst still
Using Safari does seem to improve things.
2. 302 redirect
3. General request timeouts
Yes, we are seeing response times fluctuating and sometimes timing
out. Fluctuations are from 0.3 secs to 6.5 secs, average around 1
Worst periods over the last 2 days for us were:
Sat 7am to 6pm (GMT), Sunday 3pm to 5pm (GMT)
4. HTML in responses
5. Unexpected rate limiting / blacklisting
Yes, rate limited from 20,000 -> 150, 3 times in last 24hours. We are
using several servers to spread load, and have found it safer to leave
some servers out in the wings so that when limiting occurs to any
active IP the reserves can be added back in to take the strain whilst
we wait for the restricted IPs to recover, which they generally do in
approximately 20 minutes.
On Aug 9, 6:34 pm, Ryan Sarver <rsar...@twitter.com> wrote:
> I wanted to send an update to everyone who is monitoring this thread and
> keep you abreast of where we stand.
> First of all, the attack is still on going. We continue to work with our
> service provider and the other companies who are being attacked to resolve
> the issue as best we can. But it is continuing and as Chad stated, we are
> thus going to have continued and varied issues with access to the Twitter
> Second, we have been monitoring every email and Chad and John have done a
> great job responding to the threads where we have new information to add or
> where we can clarify. As Chad stated in his last email there are known
> issues that we are continuing to work on. We are trying to provide updates
> when we have new information, but sadly there isn't a lot new to report.
> Please know that we can't respond to each and every thread as our teams
> time, in your best interest, should be put towards getting you all back
> online as soon as possible. Please help each other answer questions if
> someone already knows the answer. I will continue to give ongoing updates
> every 5-6 hours throughout the day even if nothing has changed so that you
> know we are still focused on it.
> To be clear we have a large group of people working on this throughout the
> weekend and our developer ecosystem is incredibly important to us. Please
> believe us that this hurts us as much as it hurts you and we want to get you
> back online as soon as possible. We are endlessly appreciative for the hard
> work that each of you put into your applications and supporting Twitter
> users and we want those services to be online and back to normal.
> With that being said, this attack is continuing, almost 3 days later, and we
> need to continue to do all that we can to defend it. Have faith that we have
> the best people on it both at Twitter and at our partner's companies.
> With all of the emails flying around, its hard for us to track exactly what
> issues are still remaining so I wanted to try to capture them here and have
> you confirm or update me if new issues have cropped up or if others are
> passed. So please let me know which of the following issues you are still
> having or if there are any I missed:
> 1. OAuth rarely works - I tried a number of your apps and it seems to work 1
> out of 6-7 times. As a note, it worked better with Safari, but not every
> 2. 302 redirect
> 3. General request timeouts
> 4. HTML in responses
> 5. Unexpected rate limiting / blacklisting
> So again, thank you for your patience and know that we are hard at work to
> get you guys back up and running.
> Best, Ryan