Thanks to a particularly annoying botnet, everyone’s favorite anime cat girl firewall is now helping protect piefed.ca & lemmy.ca from bots and scrapers.
This is requests per second and these are all thousands of scrapers on residential IPs hammering us:
They’d increase their usage until the site started struggling, then move on. I banned their user agents, but have no interest in a cat & mouse game. Anubis should hopefully keep things running much smoother for everyone.
Let me know if you have any trouble!
You must log in or # to comment.
- red = obvious bots
- blue = bots and users hitting the first anubis page (ie, it’s 99.9% bots)
- green = users.
I don’t go to this school, but I’m gonna check whether I’m caught in your new net!
Edit: wew, I’m not a bot!
I like your nickname vs username.
Thank you! It felt like just the right amount of chicanery
It’ll be nice to compare the next week’s network traffic to the last one’s and (presumably) see the spikes disappear.
There’s definitely a noticeable drop.
I’m surprised our backend traffic so flat, but I’m assuming it’s mostly federation
Contrary to what my teachers tried to teach me, I am a user, mean, and req’d.
Take that, Mister Ecker!
Yay!!
F the bots. Would like to be able to have nice things. Happy that at least this is the 🇨🇦-made solution (at least the primary dev, anyways).
Does Fedecan have the budget to throw a couple of bucks a month to Xe? Completely understand if not, I’ve done not-for-profit corps before and I know what it’s like. But if the budget is there, spending it on a Canadian dev would be a nice choice, IMO.
Oh I didn’t realize they were Canadian, we’ll discuss!
Name and shame. What are the useragent strings? Can the companies be identified?
It won’t affect me personally, because I already hate all AI companies. But maybe I could convince some people if I tell them what a specific company is doing.
OP says residential IPs :/
https://stormproxies.com/ et al are the kinds of site that offer this. Backend accessible rotating residential IP addresses, makes finding the source of the scourge almost impossible
If you really want to get the info, bludgeoning them legally and cheaply with repeated small claims court processes seems asymmetrical enough to become a slightly cash positive hobby
They’re all generic user agents that just look like a browser. Nothing fingerprintable
Meh, useragents are easily spoofed and something tells me that most (all) AI companies don’t really care about behing honest there
I’ll be curious to know if y’all experience any federation issues. If not, I may introduce this on the mastodon instances I administrate!
Nothing so far. Anubis has a built in rule set for activity pub.
Hell yeah! You guys are amazing!
are there any alternatives to anubis?
How come you’re looking for an alternative? Does it not do the job for you or something?
tbh i would prefer something silent instead of a full screen block page while it figures out whether I’m a bot or not
I don’t even like cloudflare click to confirm you’re not a bot pages which auto confirm
To my knowledge, which is often wrong, that’s necessary.
It’s a proof of work system, so your browser has to receive the challenge work, create background workers to do it, then submit the results and get authenticated.
If the work wasn’t challenging (slow), then it wouldn’t be any impediment to scrapers and bots.
Whether there are alternatives to proof of work that work well, I do not know. But fingerprinting alone is actually very difficult.
FWIW I think cloudflare and similar do the full screen thing too, they just render a blank page though so it just feels like more load time.
I don’t run Anubis on my stuff currently, but I’d be surprised if it doesn’t have a similar feature
