Good to see so many folks starting to come back to our little non-social social ecosystem 👌 Good to also see twtxt.net starting to peer with 7 other pods in the greater network too! 🥳

Sooooo looking forward to my holiday, after this week of work 🤯 16 day holiday in Vietnam! Whoohoo 🤟

@shinyoukai@neko.laidback.moe I don’t even know how to fix that 🤣 Do you? 🤔

@aelaraji@aelaraji.com It’s definately been a long and fast year that’s for sure 👍 Don’t worry!

Ahh sorry about that! It’s public now!

@aelaraji@aelaraji.com I think I’ll just end up using the Official CrowdSec Go library 🤔

Speaking of WAF(s) / Web Applicaiton Firewalls – I actually had forgotten that not only have I designed a new WAF from scratch, but I’ve actually implemented it already, and done some local testing. I just haven’t put it into production yet… What od you think @aelaraji@aelaraji.com ? 🤔 https://git.mills.io/prologic/caddy-waf

Sometimes, (just sometimes) my ability to pattern match and remember how to play perfect games of chess is awesome 😎

@aelaraji@aelaraji.com Good luck! 🤞

@shinyoukai@neko.laidback.moe If you’re after a list of bad ASN(s) I have such a list handy here 😂

@aelaraji@aelaraji.com Ahhh! That would be even funnier and even more brilliant! 🤣 If you can find this, I would happily employ this tactic next time and make ‘em pay 💰 Bahahahaha 🤣

@shinyoukai@neko.laidback.moe You would have to pull main and build from source 🤣 I promise I’ll make a new major release soon™ – Only been promising that for a while now, but it will happen this year 🤣

@aelaraji@aelaraji.com Yeah and I think I can basically pull the crowssec rules every N interval right and use this to make blocking decisions? – I’ve actually considered this part of a completely new WAF design that I just haven’t built yet (just designing it).

Anyone on my pod (twtxt.net) finding the new Filter(s) useful at all? 🤔

@bender@twtxt.net That’s not the problem. The problem is the complex DNS setup and delegation. I’ve gotten it working once before, but it’s not that easy if you don’t intend to run it on the APEX Domain.

So blackholing my Gitea instance’s DNS for the day seemed to have worked 🤣 (if only I had a real target I could have made their fucking crawlers DDoS themselves 😂) – Let’s also see if enabling DDoS proection on the Edge via Vultr’s DDoS capability also helps? 🤔

@shinyoukai@neko.laidback.moe Yes 👍

@movq@www.uninformativ.de sorry dude I think we’re getting our language confused. I think I actually meant private Internet connections.

Something I caught myself saying earlier in the day:

As a human species we need to stop doing stupid shit™.

–James Mills

T-shirt coming soon™

Tired to re-enable the Ege route to git.mills.io today (after finishing work) and this is what I found 🤯 Tehse asshole/cunts are still at it !!! 🤬 – So let’s instead see if this works:

$ host git.mills.io 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

git.mills.io is an alias for fuckoff.mills.io.
fuckoff.mills.io has address 127.0.0.1

PS: Would anyone be interested if I started a massive global class action suit against companies that do this kind of abusive web crawling behavior, violate/disregards robots.txt and whatever else standards that are set in stone by the W3C? 🤔

@bender@twtxt.net Maybe so. But running Mastodon or GotoSocial is actually not as easy as you’d think 😂

@movq@www.uninformativ.de If by that you mean ISP(s)? No. so far most are hosting providers by the looks? 🧐

@aelaraji@aelaraji.com Ahh that would be awesome!!! I’d also somehow need read access to logs so i can figure shit out on my own 🧐

@aelaraji@aelaraji.com Haha! 😂 Welcome back 🙌

@aelaraji@aelaraji.com Tell me more? How does this work?

Oh fuck me! I had basically turned off the route to git.mills.io last night and went ot bed at ~2AM after unsuccessfully trying to control the attacks (bad bots) that were behaving like a DDoS attack. Tried to re-enable the route this monring and *BOOM, they’re back! As-if they never stopped?! what da actual fuq?! Anyone have any clever ideas of what I can do here to allows normal users, like you nice folk and block ths obnoxious traffic?!

Fark me again with the bots. This time DDoS-style crawling from hundreds of IPs and dozens of ASN(s) wtf?!
I’ve had to disale the Ingress to my Git instance for the time being, i need to sleep and I can’t fight this :/

@bender@twtxt.net Just a donations thiny I knew about from years ago that I never setup properly. Now an acceptable form of donation on my prologic.dev site 👌 (if anyone ever does that is!)

Bye bye PayPal 👋 Hello LibrePay 👋

When I try to login to PayPal I now see:

Please enable JS and disable any ad blocker

Here’s the thing. PayPal takes fees from transactions and payments received and sent.

I have very right not have ads shoved in my face for something that isn’t actually free in the first place and costs money to use. If PayPal would like to continue to piss off folks me like, then I’ll happily close my PayPal account and go somewhere else that doesn’t shove ads in my face and consume 30-40% of my Internet bandwidth on useless garbage/crap.

#PayPal #Ads

@shinyoukai@neko.laidback.moe Haha 🤣 Nice typo there!

@shinyoukai@neko.laidback.moe I’m mostly against it because it forces Javascript™ on the client(s) at a blanket level. Doing “Proof-of-Work” explicitly IMO is fine™, but not at an Ingress/Edge level IMO – Which is why I haven’t adopted it myself.

My day (yesterday), stand up at 09:30AM (AEDT), P2 Incident at 10:20AM. End of my day 04:30AM (AEST) the next day! Oh my 🤣 🔥 🤦‍♂️

@movq@www.uninformativ.de @bender@twtxt.net I’ll also start spamming from my upcoming Vietnam holiday (flying out this Friday) for a couple of soliday weeks 🤣

@movq@www.uninformativ.de Seems fine to me! Plenty of time to get our shit™ in order! 🙌

@shinyoukai@neko.laidback.moe Welcome back! 🤟 You have been missed! 😅

@shinyoukai@neko.laidback.moe Welcome back 🤟

Obviously yarnd 🙋‍♂️

This is what this looked like visually 😳

At this point I’m considering starting a class action lawsuit for all the self-hostess and little-web folks that want to host a small thing or two and sue these fucking inconsiderate fucking corporate giants, hopefully win, and make them respect others on the web.

Fark me 🤦‍♂️ I woke up quite late today (after a long night helping/assisting with a Mainframe migration last night fork work) to abusive traffic and my alerts going off. The impact? My pod (twtxt.net) was being hammered by something at a request rate of 30 req/s (there are global rate limits in place, but still…). The culprit? Turned out to be a particular IP 43.134.51.191 and after looking into who own s that IP I discovered it was yet-another-bad-customer-or-whatever from Tencent, so that entire network (ASN) is now blocked from my Edge:

+# Who: Tentcent
+# Why: Bad Bots
+132203

Total damage?

$ caddy-log-formatter twtxt.net.log | cut -f 1 -d  ' ' | sort | uniq -c | sort -r -n -k 1 | head -n 5
  61371 43.134.51.191
    402 159.196.9.199
    121 45.77.238.240
      8 106.200.1.116
      6 104.250.53.138

61k reqs over an hour or so (before I noticed), bunch of CPU time burned, and useless waste of my fucking time.

@bender@twtxt.net Don’t even think that was on the cards I’m afraid 😳 But yes I’ve said that in a message to the recruiter.

@kiwu@twtxt.net I’m glad you’re liking the updates haha 😆

@lyse@lyse.isobeef.org @bender@twtxt.net Pfft, they want folks to relocate to Sydney. Fuck that 🤣 Sydney is a bit like San Francisco, I’m not actually sure which is worse. Fuck’n expensive as hell, the only palce you’d be able to afford to buy or rent is at least ~2hrs out of the city by public transport (i.e: train) and by that time you’ve just pissed your life down the toilet, because you’d be expected ot work a 9-10hr day + 2-3hrs of travel each way, buy the time you factor in having to wake up super early to get ready to travel in to work, you basically have zero time for anything else, let alone your ufamily,

Fuck that.

Hmmm

Hello @therealprologic@bridge.twtxt.net 👋

@bender@twtxt.net Haha 🤣 Spoken like someone that’s done this before 😅

What do you do, when a recruiter throws you a PD or two and says the total compensation is ~2-3x what you’re on now?! 🤔

@arne@uplegger.eu @lukas@lukasthiel.de In fact, Yarn.social’s yarnd client implementation actually uses (or did, still kinda does today) PicoCSS 🤟 It was/is a good CSS library! 👍

@thecanine@twtxt.net Comgrats! 🙌