I’ve been poking around with #Crowdsec for the past couple of days, had to deal with a lot of false paositives but I’m starting to get it. I’ve even hooked it up with #Ntfy just because I can. Now I should try making my own scenarios and see how it goes.
↳
In-reply-to
»
Some A hole has been trying to pull every single Twtxt feed that existed/still exists since forever. How do I know? Welp' They've been querying my Timeline™ instance for all of it, every single twtxt file and twt Hash they can find. 😆🤦 It must have been going on for days and I have just noticed... + it's all coming from the same ASN
⤋ Read More
AS136907 HWCLOUDS-AS-AP HUAWEI CLOUDS
@prologic@twtxt.net This shi_ is as fun as it is frustrating! 😆 the bot is poking at me from a different ASN now, Alibaba’s.
- Short term solution: I’ve geo-locked my Timeline instance since I’m the only one using it (and I only do so for reading twts when I’m away from terminal).
- Long term: I took a look at your Caddy WAF but couldn’t figure things out on my own; until then, I’ll be poking at Caddy-Defender, maybe throw in a Crowdsec for lols… #FUN