digdilem

joined 1 year ago
[–] [email protected] 1 points 1 minute ago

You're making the mistake in that his intention is to improve things.

[–] [email protected] 1 points 2 minutes ago

Factorio is amazing.

[–] [email protected] 80 points 2 days ago (9 children)

Well, this aged quickly.

[–] [email protected] 1 points 4 days ago (1 children)

I think your reply would have been more useful if you'd given some pointers about how, instead of just "do it right".

[–] [email protected] 2 points 1 week ago* (last edited 1 week ago)

It's fine, but not going to be the cheapest.

Cheap to buy: Any old PC desktop, really. Most will run linux and windows fine, depending on what you want. Anywhere from free to £100. If you have an old desktop or laptop already, use that to start with.

Cheap to run: Any mini PC. I run a Lenovo ThinkCentre M53 for low power duties. Cost £40 and runs silently at 10watts, idle. (I have a secondary, much beefier server for other stuff that runs at around 100w which lives in the garage)

But plenty of people do run mac minis as home servers, often on Linux. They're fine - just do your homework on the CPU ability, how much ram you can add, and whether you're okay with external disks if you can't fit enough inside.

[–] [email protected] 9 points 1 week ago

Find your thing.

For me that's been different things as I've gone through life. Currently in my 50s and enjoying riding a motorbike at weekends. When I'd ridden all the local roads so many times it was starting to get boring, I added another layer and am now riding my bike to every Village in my county. It's going to take a while, but has given another layer of interest and purpose. Many people won't understand why it's interesting to me, and that's fine, they don't have to. Finding what works for you is half the challenge.

BTW, if you've got depression, then finding happiness without resolving that is really, really difficult. Been there and absolutely everything felt bleak and pointless. Fixing that is the first step.

[–] [email protected] 6 points 1 week ago
[–] [email protected] 5 points 1 week ago (1 children)

Are headphones a possibility in your workplace?

[–] [email protected] 1 points 1 week ago (1 children)

Thanks, that's some good thoughts. I do already do that, contribute to FOSS, write fiction and I've taught some stuff to younger folk at work so it's not entirely wasted. If I can achive net zero on whatever cosmic scoreboard is in place, I figure that's okay.

[–] [email protected] 21 points 1 week ago (4 children)

Mixed, but mostly okay.

Pros: The world is massively overpopulated already. Our genes aren't particularly noteworthy. I'm not very optimistic about the future. People's happiness generally seems a lot less than it was when I was younger and I don't see that changing.

Cons: Not being able to pass anything on - my knowledge and experience, ironically much of which was gained through having time that would have been unavailable if I had had kids. As we both get older, our own care is concerning. Doing physical things around our smallholding is getting harder and a pair of young hands would be nice.

I don't begrudge other people having kids. We tried once but lost it and that kind of took the excitement out of it for us. Before we knew it, it was too late anyway.

[–] [email protected] 2 points 1 week ago

The UK has seen a stratospheric drop too. Banned from all non-private indoor spaces, taxed through the roof. At least in the South, it's rare to see or even smell someone smoking now, even on TV. Although in some cities it's just as likely to smell cannabis as tobacco.

I don't think you're "exporting it" though - it's not an American initiative. This was a pretty universal shift of "why the fuck do we do this stupid shit?"

[–] [email protected] 2 points 1 week ago

India has the BRO too.

Watching a guy called Joe Ryan on Youtube at the mo, who's riding a motorbike around the Himalayas. The BRO are building roads there at an incredible rate in the most impossible landscape. I'm genuinely amazed at the scale and adaptability of them and how much they're doing right now.

This is literally changing the lives of those who live in the area, although I do wonder how much this will trigger tourism and change everything as it has elsewhere. But still, those guys can build roads.

195
submitted 6 months ago* (last edited 6 months ago) by [email protected] to c/[email protected]
 

I host a few small low-traffic websites for local interests. I do this for free - and some of them are for a friend who died last year but didn't want all his work to vanish. They don't get so many views, so I was surprised when I happened to glance at munin and saw my bandwidth usage had gone up a lot.

I spent a couple of hours working to solve this and did everything wrong. But it was a useful learning experience and I thought it might be worth sharing in case anyone else encounters similar.

My setup is:

Cloudflare DNS -> Cloudflare Tunnel (Because my residential isp uses CGNAT) -> Haproxy (I like Haproxy and amongst other things, alerts me when a site is down) -> Separate Docker containers for each website. On a Debian server living in my garage.

From Haproxy's stats page, I was able to see which website was gathering attention. It's one running PhpBB for a little forum. Tailing apache's logs in that container quickly identified the pattern and made it easy to see what was happening.

It was seeing a lot of 404 errors for URLs all coming from the same user-agent "claudebot". I know what you're thinking - it's an exploit scanning bot, but a closer look showed it was trying to fetch normal forum posts, some which had been deleted months previously, and also robots.txt. That site doesn't have a robots.txt so that was failing. What was weird is that the it was requesting at a rate of up to 20 urls a second, from multiple AWS IPs - and every other request was for robots.txt. You'd think it would take the hint after a million times of asking.

Googling that UA turns up that other PhpBB users have encountered this quite recently - it seems to be fascinated by web forums and absolutely hammers them with the same behaviour I found.

So - clearly a broken and stupid bot, right? Rather than being specifically malicious. I think so, but I host these sites on a rural consumer line and it was affecting both system load and bandwidth.

What I did wrong:

  1. In docker, I tried quite a few things to block the user agent, the country (US based AWS, and this is a UK regional site), various IPs. It took me far too long to realise why my changes to .htaccess were failing - the phpbb docker image I use mounts the root directory to the website internally, ignoring my mounted vol. (My own fault, it was too long since I set it up to remember only certain sub-dirs were mounted in)

  2. Figuring that out, I shelled into the container and edited that .htaccess, but wouldn't have survived restarting/rebuilding the container so wasn't a real solution.

Whilst I was in there, I created a robots.txt file. Not surprisingly, claudebot doesn't actually honour whats in there, and still continues to request it ten times a second.

  1. Thinking there must be another way, I switched to Haproxy. This was much easier - the documentation is very good. And it actually worked - blocking by Useragent (and yep, I'm lucky this wasn't changing) worked perfectly.

I then had to leave for a while and the graphs show it's working. (Yellow above the line is requests coming into haproxy, below the line are responses).

Great - except I'm still seeing half of the traffic, and that's affecting my latency. (Some of you might doubt this, and I can tell you that you're spoiled by an excess of bandwidth...)

  1. That's when the penny dropped and the obvious occured. I use cloudflare, so use their firewall, right? No excuses - I should have gone there first. In fact, I did, but I got distracted by the many options and focused on their bot fighting tools, which didn't work for me. (This bot is somehow getting through the captcha challenge even when bot fight mode is enabled)

But, their firewall has an option for user agent. The actual fix was simply to add this in WAF for that domain.

And voila - no more traffic through the tunnel for this very rude and stupid bot.

After 24 hours, Cloudflare has blocked almost a quarter of a million requests by claudebot to my little phpbb forum which barely gets a single post every three months.

Moral for myself: Stand back and think for a minute before rushing in and trying to fix something in the wrong way. I've also taken this as an opportunity to improve haproxy's rate limiting internally. Like most website hosts, most of my traffic is outbound, and slowing things down when it gets busy really does help.

This obviously isn't a perfect solution - all claudebot has to do is change its UA, and by coming from AWS it's pretty hard to block otherwise. One hopes it isn't truly malicious. It would be quite a lot more work to integrate Fail2ban for more bots, but it might yet come to that.

Also, if you write any kind of web bot, please consider that not everyone who hosts a website has a lot of bandwidth, and at least have enough pride to write software good enough to not keep doing the same thing every second. And, y'know, keep an eye on what your stuff is doing out on the internet - not least for your own benefit. Hopefully AWS really shaft claudebot's owners with some big bandwidth charges...

EDIT: It came back the next day with a new UA, and an email address linking it to anthropic.com - the Claude3 AI bot, so it looks like a particularly badly written scraper for AI learning.

view more: next ›