My twtxt instance is under a de-facto attack. Or, at this point, I can’t even differentiate an attack from the other in the constant barrage or malicious requests.

There were so many bots hammering it, in only 3 days, they consumed the ironically significant amount of 666 MB — I kid you not! In the last 24 hours, there were 59,673 hits on this endpoint alone.

I had to put my twtxt web interface behind a password-protected BasicAuth directive. As I’m the only one using it, it’s fine.

Bots, scrappers and Large Laggy Manglers are poisoning the open web.