PinnedPublicExpiration: 11 days from now Stupid new updates for August 10 metatext
by gyrate Views 1144 Views Comments 4 Comments

Just stupid ops stuff:

  • Replaced Umami with GoAccess.
    • Umami was easy to set up, but it's stupid because it's just a JavaScript thing that barely works (my VPN won't even let me get to the website). GoAccess has access to the raw access logs, so now I can keep an eye on all the bots that are hammering away at the site in real-time.
  • New nginx error page that uses server-side includes to show error messages dynamically.
    • I was originally using Ansible to generate a static HTML page for each error, which was stupid, but the last time I used SSI was probably on Apache 25+ years ago (before I knew any proper web programming languages), so I totally forgot about that option. Nothing cool will happen if you visit the error page unless you cause an error somehow, but I left it public so I can more easily test style changes and whatnot. Fun fact: I made that ASCII art by hand when I was a teenager, and it still works on many computers to this day!
  • Planning to migrate from Digital Ocean to AWS because I think I want to run the site on ARM (Digital Ocean doesn't have ARM instances because they're stupid).
UnbespokenSatan 18 days ago

are you using fail2ban? before i gave esreality.com away i spent a lot of time analyzing bot traffic. it was pretty easy to determine that most (99%+) was coming from southeast asia, and pretty much everything was coming from aws/gcp/azure, so i just mass-blocked all the big cloud provider asns (esr was gatekept by cloudflare), then set up fail2ban to monitor for multiple 404s in a 2 minute span. i then set up honeypot style behavior where if an unauthenticated user visited urls that met specific criteria, they would get a 404 and requesting auth. the bots just kept trying to consume more instead of logging in, so they'd get temp-banned by fail2ban, and eventually they just gave up.

View
gyrate 16 days ago

I installed fail2ban, but it looks like I need to make my own filters for 444 responses (when something makes a request with an unknown virtual hostname) and requests for *.php.

View
UnbespokenSatan 13 days ago

thankfully the filters are stupid simple

View
gyrate 17 days ago

Fail2ban is the next thing on my list. I think can get rid of most bot traffic by just banning anything that connects with an unknown hostname.

View