| |
Count Zero
Registered: Jan 2003
Posts: 1926 |
Codebase64 mirroring idiots?
I know, I know - Internet is not available everwhere but is that really a reason to crawl codebase64.org with a stupid webcrawler hitting each and every URL it sees?
Frantic and me agreed in adding a plugin which will allow an HTML-ized download for on-the-road-reads and we of course hope that intensified reading leads to more submissions! (Stay tuned for that!)
MEANWHILE we are close to banning _ALL OF POLAND_ via IP rules and deny any access to codebase64.org and other sites hosted on the same server.
HOW SICK ARE YOU generating 60gb of traffic for what appears from the logs as mirroring will result as an unbrowsable data blob.
Oh, cant be wasting our bandwidth with such a silly connection but keeping the shit running for over a week shows some dedication at least. If the initiator is reading this: quit it or deal with the consequences. We are open minded and surely give more than we take - you are abusing it.
(BTW, codebase64 is generating about 8gb per month without stupid mirroring attempts, as a comparison to above give number. We'd like to keep reliability and speed so please report any problems to either Frantic or me) |
|
... 18 posts hidden. Click here to view all posts....
|
| |
Conjuror
Registered: Aug 2004
Posts: 168 |
https://www.facebook.com/groups/RetroAssembler/ |
| |
Oswald
Registered: Apr 2002
Posts: 5086 |
cool, thanks |
| |
Mr. SID
Registered: Jan 2003
Posts: 424 |
Quote: Best move all content over to a facebook group *duck*
No, Google+ ! |
| |
Digger
Registered: Mar 2005
Posts: 427 |
Luckily I live in Sweden now, so no ban for me ;-) |
| |
soci
Registered: Sep 2003
Posts: 479 |
As soon as it's login only and there's no https then it's almost like blocked for me.
If it'd have encryption I might even consider contributing to it (this is not a promise, and as time permits).
As for FB groups, good for my family, but they're not interested in coding, and I'm not interested in FB. Another nice empty set.
Life is damn hard sometimes ;) |
| |
Count Zero
Registered: Jan 2003
Posts: 1926 |
<offtopic>
soci: as much as I favour your paranoia regarding encryption you'd have to find the solution for the regular linux admin to have some sort of self-signed ssl-certificate for several domains on the same IP. Is there something like self-signed SAN certificates maybe? Will this mozilla encrypt campaign have alike?
Until then: we surely would love to see you contributing. Use a unique login/password combination and there shouldn't be too much of a thread to falsify your coding info. Damn that's too high stuff for the NSA even!
soci - dont get me wrong, BUT: As I saw similar complaints regarding encryption from you on the vice ML a while ago: I cannot follow your point of view here. Encrypted submission to about any source (may it be vice, codebase or csdb) does not prevent us from modifying the databases directly and your used encryption does not log your contribution anyhow. :)
Is it really that you wouldn't comment e.g. a blog post if your email is required and there is no https?
</offtopic> |
| |
Burglar
Registered: Dec 2004
Posts: 1088 |
<offtopic answer> almost there: http://www.theregister.co.uk/2015/09/15/lets_encrypt/ </offtopic>
ontopic, if u can do the code, you could write a simple ratelimiter using fail2ban or grep/awk. but takes time and rolling your own can be error prone.
imagine a cronjob that just analyzes the access log and bans ips if a certain threshold is reached. |
| |
Count Zero
Registered: Jan 2003
Posts: 1926 |
Been there already - less error prone is using "Sippenhaft" (sorry, cannot find a proper translation) on all of Poland via geoip. Wouldn't hurt US anyhow :) |
| |
soci
Registered: Sep 2003
Posts: 479 |
Quoting Count Zero<offtopic>
soci: as much as I favour your paranoia regarding encryption you'd have to find the solution for the regular linux admin to have some sort of self-signed ssl-certificate for several domains on the same IP. Is there something like self-signed SAN certificates maybe? Will this mozilla encrypt campaign have alike?
You can have multiple certificates for different domains on a single IP with SNI these days, and it's not difficult to set up (only have experience with apache2). Even self signed is better than nothing.
Quoting Count ZeroUntil then: we surely would love to see you contributing. Use a unique login/password combination and there shouldn't be too much of a thread to falsify your coding info. Damn that's too high stuff for the NSA even!
Unique passwords is the norm of course. It's more about random wifi routers I connect through, not my home connection which I only use for 3 hours a month or so. Same argument as last time, if I suddenly start to spam then sorry ;)
Quoting Count ZeroIs it really that you wouldn't comment e.g. a blog post if your email is required and there is no https?</offtopic>
It's a pain to create a throw away unique e-mail address every time. Especially if the account is dropped after 30 days of inactivity. So I think twice if it's worth to register. |
| |
Bitbreaker
Registered: Oct 2002
Posts: 504 |
Quoting Count Zero<offtopic>
... you'd have to find the solution for the regular linux admin to have some sort of self-signed ssl-certificate for several domains on the same IP. Is there something like self-signed SAN certificates maybe? Will this mozilla encrypt campaign have alike?
Where's the problem having a certificate per VirtualHost directive? Have running that here, just specify a different cert per VirtualHost and you are done? The IP is not the problem, you just need to use the right FQDN per host when creating the certificate. |
| Previous - 1 | 2 | 3 - Next |
