Fark me again with the bots. This time DDoS-style crawling from hundreds of IPs and dozens of ASN(s) wtf?!
I’ve had to disale the Ingress to my Git instance for the time being, i need to sleep and I can’t fight this :/

@prologic@twtxt.net We have a bit of a vendor lock-in here in Germany: PayPal is sometimes the only non-shady option to pay for something. ☹️

@prologic@twtxt.net I realized, was too sleepy to notice then… At least I got “Site Reliability” right

@prologic@twtxt.net LiberaPay?

@prologic@twtxt.net as per #kzirx3a I managed to avoid having to use it (there’s also a thing or two wrong about its creator as well, which is more on a personal level than technical here)

@bender@twtxt.net Just a donations thiny I knew about from years ago that I never setup properly. Now an acceptable form of donation on my prologic.dev site 👌 (if anyone ever does that is!)

@prologic@twtxt.net what’s that?

@shinyoukai@neko.laidback.moe Haha 🤣 Nice typo there!

@shinyoukai@neko.laidback.moe I’m mostly against it because it forces Javascript™ on the client(s) at a blanket level. Doing “Proof-of-Work” explicitly IMO is fine™, but not at an Ingress/Edge level IMO – Which is why I haven’t adopted it myself.

@prologic@twtxt.net the life of a lead SRA

@yarn_police@twtxt.net good thing we got law and order around here. And I mean, literally! 😅

@arne@uplegger.eu Das klingt interessant. Aber wer definiert, welche Projekte darunter fallen? Keine Ahnung wie das sonst so mit dem Ehrenamt ist, aber das müssen ja dann auch gemeinnützige Vereine oder etwas Vergleichbares sein, oder? :-?

Wenn ich in der Petition schon wieder KI les, wird mir gleich anders.

@prologic@twtxt.net Oh shit, that’s not healthy! :-(

@movq@www.uninformativ.de @bender@twtxt.net @prologic@twtxt.net That’s fine with me. It could be even the 1st January 2026, as simple as the change really is.

But it would be also alright to just stick with July, so that I don’t have to update the tests. :-P

@movq@www.uninformativ.de Dang it. :-(

@prologic@twtxt.net oh man, I envy you. I want an Asian vacation (Japan 😍) so badly!

@movq@www.uninformativ.de @bender@twtxt.net I’ll also start spamming from my upcoming Vietnam holiday (flying out this Friday) for a couple of soliday weeks 🤣

@movq@www.uninformativ.de Seems fine to me! Plenty of time to get our shit™ in order! 🙌

@bender@twtxt.net Once Advent of Code starts, I’ll start spamming, don’t worry. 😅

@movq@www.uninformativ.de looks good to me! 🎉

One can tell holidays are abound; even twtxt slows down to almost a halt.

Hm, so regarding the hash change:

https://git.mills.io/yarnsocial/twtxt.dev/pulls/28

How about 2026-03-01 00:00:00 UTC as the cut-off date? 🤔

@lyse@lyse.isobeef.org Probably wouldn’t help, since almost every request comes from a different IP address. These are the hits on those weird /projects URLs since Sunday:

    1 IP  has  5 hits
    1 IP  has  4 hits
   13 IPs have 3 hits
  280 IPs have 2 hits
25543 IPs have 1 hit

The total number of hits has decreased now. Maybe the botnet has moved on …

@lyse@lyse.isobeef.org ugh, well, there goes my thought.

@shinyoukai@neko.laidback.moe Welcome back! 🤟 You have been missed! 😅

@shinyoukai@neko.laidback.moe Welcome back 🤟

@movq@www.uninformativ.de Fail2ban to the rescue? :-?

@movq@www.uninformativ.de In my current project I’m typically far away from this pile of shit. Let’s see how the project will be in this regard.

@bender@twtxt.net Unfortunately, this also breaks the browser search.

@movq@www.uninformativ.de I’m raising my hand for tt.

@movq@www.uninformativ.de I think you will like this one: https://gibberifier.com/

@movq@www.uninformativ.de “resistance is futile, you will be assimilated”. :-D

@prologic@twtxt.net the only one other that exists is htwtxt which may as well be Yarn’s ancestor

@prologic@twtxt.net I have returned

@movq@www.uninformativ.de pinging @zvava@twtxt.net, on your behalf. And @falsifian@www.falsifian.org.

Which actively maintained Yarn/twtxt clients are there at the moment? Client authors raise your hands! 🙋

This is what this looked like visually 😳

@prologic@twtxt.net Time to make a new internet. Maybe one that intentionally doesn’t “scale” and remains slow (on both ends) so it’s harder to overload in this manner, harder to abuse for tracking your every move, … Got any of those 56k modems left?

(I’m half-joking. “Make The Internet Expensive Again” like it was in the 1990ies and some of these problems might go away. Disclaimer: I didn’t have my coffee yet. 😅)

Fark me 🤦‍♂️ I woke up quite late today (after a long night helping/assisting with a Mainframe migration last night fork work) to abusive traffic and my alerts going off. The impact? My pod (twtxt.net) was being hammered by something at a request rate of 30 req/s (there are global rate limits in place, but still…). The culprit? Turned out to be a particular IP 43.134.51.191 and after looking into who own s that IP I discovered it was yet-another-bad-customer-or-whatever from Tencent, so that entire network (ASN) is now blocked from my Edge:

+# Who: Tentcent
+# Why: Bad Bots
+132203

Total damage?

$ caddy-log-formatter twtxt.net.log | cut -f 1 -d  ' ' | sort | uniq -c | sort -r -n -k 1 | head -n 5
  61371 43.134.51.191
    402 159.196.9.199
    121 45.77.238.240
      8 106.200.1.116
      6 104.250.53.138

61k reqs over an hour or so (before I noticed), bunch of CPU time burned, and useless waste of my fucking time.

@movq@www.uninformativ.de That’s what tests are for. To fix them. :-D

@lyse@lyse.isobeef.org Oops. 😅 But yay, it’s working. 🥳

All my newly added test cases failed, that movq thankfully provided in https://git.mills.io/yarnsocial/twtxt.dev/pulls/28#issuecomment-20801 for the draft of the twt hash v2 extension. The first error was easy to see in the diff. The hashes were way too long. You’ve already guessed it, I had cut the hash from the twelfth character towards the end instead of taking the first twelve characters: hash[12:] instead of hash[:12].

After fixing this rookie mistake, the tests still all failed. Hmmm. Did I still cut the wrong twelve characters? :-? I even checked the Go reference implementation in the document itself. But it read basically the same as mine. Strange, what the heck is going on here?

Turns out that my vim replacements to transform the Python code into Go code butchered all the URLs. ;-) The order of operations matters. I first replaced the equals with colons for the subtest struct fields and then wanted to transform the RFC 3339 timestamp strings to time.Date(…) calls. So, I replaced the colons in the time with commas and spaces. Hence, my URLs then also all read https, //example.com/twtxt.txt.

But that was it. All test green. \o/

@thecanine@twtxt.net @movq@www.uninformativ.de Unfortunately, yes.

@thecanine@twtxt.net That image is correct.

@xuu@txt.sour.is when it is extremely important to be the very best at everything, nothing can be left behind. Not even a piss drinking contest!

@bender@twtxt.net thank you! <3

@bender@twtxt.net Thanks. That pulley is just to hang back up the telephone wire (on the ground in 16) for that farm and restaurant in 04 once they finish logging. Hahahahahaaahaaaa, I didn’t see the nails on top of the pole. :-D

Yup, these ice crystals are just lovely. :-)

@prologic@twtxt.net Who’s got a life besides work, huh? Yeah, no, thanks, mate! Scratch that.

@bender@twtxt.net Don’t even think that was on the cards I’m afraid 😳 But yes I’ve said that in a message to the recruiter.