(#cmttsmq) Notably the custom operator @lookupASN
(#cmttsmq) I’ll try to add a README for caddy-waf soon™ (going back to bed now) at least document the customizations I’ve made to this WAF (which I forked from caddy-coraza)
(#cmttsmq) This is how I build my caddy:
```
proxy-1:~# cat build.caddy.sh
#!/bin/sh
xcaddy build \
  --with github.com/caddy-dns/cloudflare \
  --with github.com/caddyserver/cache-handler \
  --with git.mills.io/prologic/caddy-ratelimit \
  --with git.mills.io/prologic/caddy-waf
proxy-1:~#
```
(#cmttsmq) Ahh fuck! Sorry I was fixing a rule 🤣 This is **much** better!
```
proxy-1:~# grep -c 'Bad ASN' /var/log/caddy/caddy.log
2441
```
(#cmttsmq) [@bender](https://twtxt.net/user/bender/) Yes they are rather large 🤣 Here you go:
```
proxy-1:~# cat /etc/caddy/waf/bad_asns.txt
# CHINANET-BACKBONE No.31,Jin-rong Street, CN Why: DDoS
4134
# CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN Why: DDoS
4837
# CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN Why: DDoS
9808
# FACEBOOK, US Why: Bad Bots
32934
proxy-1:~ …
```
(#cmttsmq) @bender AS Number: An autonomous system (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain, that presents a common and clearly defined routing policy to the Internet.[ …
Cool! 😎 So I can now block ASN(s) 🤣 (And I bet no-one noticed anything)
(#dzdazga) @kat @yarn.girlonthemoon.xyz I love blue 🤣
(#4haff4q) @aelaraji @aelaraji.com Still in my cache 🤣
(#dzdazga) @aelaraji @aelaraji.com Bahahaha, you know where the default theme lives 🤣 PRs welcome!
It’s nice to see that some Crawlers actually respect rate limits and respect a 429 Too many requests response 👌 Thank you Google! 🙌
(#axb3ekq) @bender So you mean, get fail2ban to look at my Caddy audit logs for violations and then just block at the firewall level for repeated violations? 🤔
(#oktfrhq) @kat @yarn.girlonthemoon.xyz token will still be valid 👌
(#a46vupa) @kat @yarn.girlonthemoon.xyz 🙌
(#n57rgiq) @kat @yarn.girlonthemoon.xyz Yeah that’s what the admin function does. Normal user password reset is different but requires working email 🤣
(#nww6fla) @kat @yarn.girlonthemoon.xyz Speaking of KVM, Tiny Pilot and Jet KVM look really good!
(#uxttbva) @kat @yarn.girlonthemoon.xyz It’ll be whatever the actual server’s time zone is.
(#uwd4atq) @kat @yarn.girlonthemoon.xyz Temporarily change the admin account on your pod to another account. Then login with that and reset the password on your main account.
(#tokn7wa) What didn’t work? Hmmm 🤔
(#tv6ifoa) Hmm? 🤔
(#cn5kamq) @seabirdie @yarn.girlonthemoon.xyz 👋 Welcome to Yarn.social 🙌
(#tpykhda) @kat @yarn.girlonthemoon.xyz Haha 🤣
(#boohdlq) Also yarnd supports video too 🤣
(#boohdlq) @kat @yarn.girlonthemoon.xyz Thanks! I built my own video hosting platform too but not nearly as fancy as what you use 🤣
(#t4bkusa) @ @yarn.girlonthemoon.xyz 👋 Welcome to Yarn.social 🙌
(#axb3ekq) @bender Wre I’m talking about Web right? 🤣
(#buvh2sa) @aelaraji @aelaraji.com Nice! 🙌
(#tw5ulrq) @bender you’re right the scale wasn’t that large, but analyzing the logs. It definitely was a detox attack. 🤣 I woke up this morning to see six other small spikes like this which I’ll have to analyze later tonight…
(#tw5ulrq) @movq @www.uninformativ.de Yes
(#boohdlq) @kat @yarn.girlonthemoon.xyz What do you use for this btw? 🤔
So I need to figure out how to block ASN(s)…
Additionally, I’m thinking of: How to detect DDoS attacks?
Here’s one way I’ve come up with that’s quite simple:
Detecting DDoS attacks by tracking requests across multiple IPs in a sliding window. If total requests exceed a threshold in a given time, flag as potential DDoS.
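
The sliding-window check described in the post above, written in Go as an added example (not part of the original post and not code from caddy-waf). The `Detector` type, `Simulate`, the thresholds and the `MinIPs` floor are assumptions made for illustration, and the traffic is constructed.

```go
package main

import (
	"fmt"
	"time"
)

type event struct{ at time.Time; ip string } // one request: arrival time, client IP

// Detector flags a potential DDoS when the last Window holds more than Threshold
// requests from at least MinIPs distinct addresses (MinIPs is this example's assumption).
type Detector struct {
	Window            time.Duration
	Threshold, MinIPs int
	events            []event        // requests inside the window, oldest first
	perIP             map[string]int // request count per IP inside the window
}

// Observe records one request and reports whether the window is over the limit.
func (d *Detector) Observe(at time.Time, ip string) bool {
	if d.perIP == nil {
		d.perIP = make(map[string]int)
	}
	d.events = append(d.events, event{at, ip})
	d.perIP[ip]++
	cutoff := at.Add(-d.Window) // evict everything that slid out of the window
	for len(d.events) > 0 && !d.events[0].at.After(cutoff) {
		old := d.events[0].ip
		if d.perIP[old]--; d.perIP[old] == 0 {
			delete(d.perIP, old)
		}
		d.events = d.events[1:]
	}
	return len(d.events) > d.Threshold && len(d.perIP) >= d.MinIPs
}

// Simulate feeds n constructed requests, one per step, round-robin over ips addresses.
func Simulate(d *Detector, n, ips int, step time.Duration) (flagged bool) {
	start := time.Date(2025, 1, 5, 0, 0, 0, 0, time.UTC)
	for i := 0; i < n; i++ {
		ip := fmt.Sprintf("192.0.2.%d", i%ips+1)
		flagged = d.Observe(start.Add(time.Duration(i)*step), ip) || flagged
	}
	return flagged
}

func main() {
	fmt.Println("flood flagged:", Simulate(&Detector{Window: 10 * time.Second, Threshold: 100, MinIPs: 20}, 300, 50, 10*time.Millisecond))
}
```

The distinct-IP floor keeps a single noisy client, which a per-client rate limit already covers, from raising the flag on its own.
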
(#d6gewza) @lyse @lyse.isobeef.org Cool 👌
Hmmm so I’ve sustained two DDoS attacks on my Gitea server today. A few hours apart. Still analyzing the traffic…
For the time being… I’ve just blocked all of OpenAI(s) Bots. They (thankfully) publish a JSON endpoint that you can use to block all OpenAI crawlers from reaching your server (in my case, blocking it at the edge). Example:
```
proxy-1:~# curl -qs https://openai.com/gptbot.json | jq -r '.prefixes[].ipv4Prefix' | xargs -I{} ./block-ip.sh {}
```
Where …
(#buvh2sa) [@aelaraji _@aelaraji.com_](https://twtxt.net/external?uri=https://aelaraji.com/twtxt.txt&nick=aelaraji) Yes! 👏 This is exactly what it is! 🤣 I will of course soon™ be hosting this service, likely at validator.twtxt.net 😅😅
(#f26jg3a) @kat @yarn.girlonthemoon.xyz Haha 🤣 If someone figures this out, please let me know 🙏🙏 – In the meantime, I’m going to very soon™ write a daemon that will watch the audit log for repeated violations and add to the network firewall.
(#4nndfsa) This is better:
```
proxy-1:~# ./audit-log-by-ip.sh 4.227.36.76 | coraza-log-formatter -m -
2025/01/04 23:17:04 4.227.36.76 58982 GET /external?aff-HY0BLO=&f=mediaonly&f=noreplies&nick=g1n&uri=https%3A%2F%2Fthe-president-codes.linegames.org null 0 On OWASP_CRS/4.7.0
Actionset: OWASP_CRS/4.7.0
Message: Bad User Agent
Severity: 0
Raw: SecRule REQUEST_HEADERS:User-Agent "@pmFromFile /etc/cadd …
```
Nice! I wrote another useful tool 👌
```
proxy-1:~# ./audit-log-by-ip.sh 4.227.36.76 | coraza-log-formatter -m -
Actionset: OWASP_CRS/4.7.0
Message: Bad User Agent
Severity: 0
Raw: SecRule REQUEST_HEADERS:User-Agent "@pmFromFile /etc/caddy/waf/bad_user_agents.txt" "id:2000,log,phase:1,deny,msg:'Bad User Agent'"
```
How in da fuq do you _actually_ make these fucking useless AI bots go away?
```
proxy-1:~# jq '. | select(.request.remote_ip=="4.227.36.76")' /var/log/caddy/access/mills.io.log | jq -s '. | last' | caddy-log-formatter -
4.227.36.76 - [2025-01-05 04:05:43.971 +0000] "GET /external?aff-QNAXWV=&f=mediaonly&f=noreplies&nick=g1n&uri=https%3A%2F%2Fmy-hero-ultra-impact-codes.linegames.org HTTP/2.0" …
```
(#d6gewza) Done.
(#d6gewza) @lyse @lyse.isobeef.org Oh good! It works haha 🤣 I’ll bump it up a bit 👌
And now I’ve applied rate limits on every site to reasonable values 👌
(#fc4hw5q) @bender Isn’t that why um yarning my progress 🤣
(#7xqzija) @kat @yarn.girlonthemoon.xyz I’ve actually moved most of my stuff off of Cloudflare now 🤣 I’m actually very happy with my edge proxy setup that reverse proxies, caches and acts as a web application firewall 🥳
(#vyg3vca) @kat @yarn.girlonthemoon.xyz Have you seen the SSG that I built and use on all my static sites? zs 🤔
Oh gawd. I can’t enable caching on my edge proxy everywhere 😱 Some shit™ doesn’t deal with a caching reverse proxy in front of it very well for some reason I don’t have time to dig into right now 🤔
What’s a reasonable per second or per minute rate limit that I could apply in general at my edge proxy for all clients? (no matter what) … Like a good reasonable upper bound? 🤔
(#qed3omq) @movq @www.uninformativ.de Yeah I swear to god the engineers that write this shit™ don’t know how to write distributed crawlers that don’t happy the shit™ out of their targets 🤦‍♂️
(#qed3omq) @doesnm @doesnm.p.psf.lt No. I generally don’t put up any robots.txt files at all really, because they mostly get ignored. I don’t generally mind if “normal” web crawlers crawl things. But LLM(s) can go fuck themselves 🤣