Fark me 🤦♂️ I woke up quite late today (after a long night helping/assisting with a Mainframe migration last night fork work) to abusive traffic and my alerts going off. The impact? My pod (twtxt.net) was being hammered by something at a request rate of 30 req/s (there are global rate limits in place, but still…). The culprit? Turned out to be a particular IP 43.134.51.191 and after looking into who own s that IP I discovered it was yet-another-bad-customer-or-whatever from Tencent, so that entire network (ASN) is now blocked from my Edge:
+# Who: Tentcent
+# Why: Bad Bots
+132203
Total damage?
$ caddy-log-formatter twtxt.net.log | cut -f 1 -d ' ' | sort | uniq -c | sort -r -n -k 1 | head -n 5
61371 43.134.51.191
402 159.196.9.199
121 45.77.238.240
8 106.200.1.116
6 104.250.53.138
61k reqs over an hour or so (before I noticed), bunch of CPU time burned, and useless waste of my fucking time.
#jryh2ba
(#jryh2ba) At this point I’m considering starting a class action lawsuit for all the self-hostess and little-web folks that want to host a small thing or two and sue these fucking inconsiderate fucking corporate giants, hopefully win, and make them respect others on the web.
#bqvamjq
(#jryh2ba) @prologic@twtxt.net Time to make a new internet. Maybe one that intentionally doesn’t “scale” and remains slow (on both ends) so it’s harder to overload in this manner, harder to abuse for tracking your every move, … Got any of those 56k modems left?
(I’m half-joking. “Make The Internet Expensive Again” like it was in the 1990ies and some of these problems might go away. Disclaimer: I didn’t have my coffee yet. 😅)
#feqjjna
(#jryh2ba) This is what this looked like visually 😳
#5zhsb4q