Please Hold for Technical Difficulties

Daylight Atheism was down most of today due to technical problems with my host. Sorry about that. All should be back to working order now. Since I couldn’t log on to the site during the day, I wasn’t able to put up a new post. The one I had written for today will be up tomorrow.

In the meantime, I’m wondering if any technically savvy readers could help me untangle a mystery. In the first three days of December, I’ve gotten a huge amount of traffic – about one-third of what I normally get in an entire month. From looking through my traffic logs, the overwhelming majority of these new hits look the same: they have an empty referrer string, they visit the index page of my site (and no other page), and the IP addresses are from all over the world – doing reverse DNS lookups, I’ve found Sweden, Russia, India, Australia, the U.S., Israel, Estonia, Canada, and more. Also, they all have user-agent strings like this:

Reeder/1000.02.02 CFNetwork/454.11.5 Darwin/10.5.0 (i386) (MacBookPro5%2C1)

Reeder/1.2 CFNetwork/485.12.7 Darwin/10.4.0

Reeder/2.2 CFNetwork/485.12.7 Darwin/10.4.0

Reeder/1000.02.01 CFNetwork/454.11.5 Darwin/10.5.0 (i386) (iMac8%2C1)

Reeder/1000.02.01 CFNetwork/454.11.5 Darwin/10.5.0 (i386) (Macmini2%2C1)

Reeder/1000.02.01 CFNetwork/454.11.5 Darwin/10.5.0 (x86_64) (MacPro5%2C1)

Does anyone know what’s going on here? Reeder is the RSS feed reader for Apple’s iOS, I think, but an RSS reader should be fetching my site’s feed URL, not the front page. On the other hand, if these are live users, I don’t understand why some of them aren’t downloading archives or individual posts. It’s not enough traffic to be a distributed denial-of-service attack, but then where did all these hits come from, and why did they start arriving in this volume so suddenly and with no referring URL? Can anyone explain this?

About Adam Lee

Adam Lee is an atheist writer and speaker living in New York City. His new novel, Broken Ring, is available in paperback and e-book. Read his full bio, or follow him on Twitter.

  • Chris

    Reeder was just released in alpha a few days ago. You should contact the developers. Try @reederapp on twitter. I think it might be looking for a favicon for your site.

  • Ebonmuse

    That’s an excellent suggestion. I’ll send an e-mail to the Reeder developers and see if they can explain what this is all about.

  • kagerato

    Does this Reeder client do caching? If not, every time users visit the page they’ll download it all over again (even if nothing has changed).

    How many distinct IPs are we talking here? Ten, a hundred, a thousand …? How many accesses are made per day per IP? In a DDoS, typically the clients will keep up the pressure indefinitely for a day or two. If the number of accesses per IP is low and randomly distributed in time, it is almost certainly not any kind of denial of service attack. I would suggest dumping the full server logs and performing a statistical analysis of the data.

    As to hitting only the index page, for a blog this is nothing unusual; indeed, that’s the typical behavior.

    There’s a strong possibility this Reeder client is simply very buggy. If you hear back something that would confirm that from the developer, you can temporarily ban such clients based on their User Agent.

  • William

    I may account for some of those Canadian views, I get some views from the very same places, Estonia is a very secular country and I’m not surprised you get views from there, perhaps it is a sign that your blog is reaching a critical point, like in epidemics, and from here on the number of views will start to increase exponentially. I can’t help you on the user-agent strings (what is that?) or on the no URLs, maybe that is a consequence of redirects from Planet Atheism (which is the only reason I know about your blog).

  • Ebonmuse

    So, I heard back from the Reeder developers. They said there’s a bug in the alpha version which causes it to request the index pages of subscribed sites every time the user syncs their subscriptions. I’m surprised I’m the only one who’s run into this problem, but whatever. Hopefully, the flood of hits will decline on its own as they release a fix to beta users. If I’m lucky, it won’t knock out my web server again before that happens.