It seems like this is cached, I think levels is doing good work with this.

Hell0 here

Happy to find this secret place on the gopherspace

It turns out my ISP supports ipv6. After 4-5 months with only ipv4, I thought to ask customer support, and they told me how to turn it on. (I’m pretty happy with ebox so far. Low-priced fibre with no issues so far. Though all my traffic goes through Montreal, 500km away from me in Toronto, which adds a few ms to network latency.)

So I need to figure out how to block ASN(s)…

Additionally, I’ thinking of; How to detect DDoS attachs?

Here’s one way I’ve come up that’s quite simple:

Detecting DDoS attacks by tracking requests across multiple IPs in a sliding window. If total requests exceed a threshold in a given time, flag as potential DDoS.

On my blog: 🍾 Happy Belated Calendar-Changing Day, 2025 🎆 https://john.colagioia.net/blog/2025/01/05/hny2025.html #holiday #newyear #publicdomain

@lyse@lyse.isobeef.org Cool 👌

Hmmm so I’ve sustained two DDoS attacks on my Gitea server today. A few hours apar. Still analyzing the traffic…

“We are…so far removed from the realities of production and work that we inhabit a dream world of artificial stimuli and televised experience.” 📀💩 Добре дошли в пост-дигиталното бъдеще

For the time being… I’ve just blocked all of OpenAI(s) Bots. They (thankfully) publish a JSON endpoint that you can use to block all OpenAI crawlers from reaching your server (in my case, blocking it at the edge). Example:

proxy-1:~# curl -qs https://openai.com/gptbot.json | jq -r '.prefixes[].ipv4Prefix' | xargs -I{} ./block-ip.sh {}

Where block-ip.sh is simply:

#!/bin/sh

ufw insert 1 deny from "$1" to any

@aelaraji@aelaraji.com Yes! 👏 This is exactly what it is! 🤣 I will of course soon™ be hosting this service, likely at validator.twtxt.net 😅😅

Any idea What’s this "twtxtfeevalidator/0.0.1" UA about? I thought I could ask before throwing a 1000GB file at it 🪤 could it be the same ‘xt’ thing @lyse@lyse.isobeef.org was talking about the other day?

@kat@yarn.girlonthemoon.xyz Haha 🤣 If someone figures this out, please let me know 🙏🙏 – In the meantime, I’m going to very soon™ write a daemon that will watch the audit log for repeated violations and add to the network firewall.

This is better:

proxy-1:~# ./audit-log-by-ip.sh 4.227.36.76 | coraza-log-formatter -m -
2025/01/04 23:17:04 4.227.36.76 58982 GET /external?aff-HY0BLO=&f=mediaonly&f=noreplies&nick=g1n&uri=https%3A%2F%2Fthe-president-codes.linegames.org null 0  On OWASP_CRS/4.7.0
Actionset: OWASP_CRS/4.7.0
Message: Bad User Agent
Severity: 0
Raw: SecRule REQUEST_HEADERS:User-Agent "@pmFromFile /etc/caddy/waf/bad_user_agents.txt" "id:2000,log,phase:1,deny,msg:'Bad User Agent'"

Nice! I wrote another useful tool 👌

proxy-1:~# ./audit-log-by-ip.sh 4.227.36.76 | coraza-log-formatter -m -
Actionset: OWASP_CRS/4.7.0
Message: Bad User Agent
Severity: 0
Raw: SecRule REQUEST_HEADERS:User-Agent "@pmFromFile /etc/caddy/waf/bad_user_agents.txt" "id:2000,log,phase:1,deny,msg:'Bad User Agent'"

@prologic@twtxt.net we live in hell

went out with my family today, brought my camcorder, resulted in a little vlog :) https://memoria.sayitditto.net/view?m=SjbDq15bL

How in da fuq do you actually make these fucking useless AI bots go way?

proxy-1:~# jq '. | select(.request.remote_ip=="4.227.36.76")' /var/log/caddy/access/mills.io.log | jq -s '. | last' | caddy-log-formatter -
4.227.36.76 - [2025-01-05 04:05:43.971 +0000] "GET /external?aff-QNAXWV=&f=mediaonly&f=noreplies&nick=g1n&uri=https%3A%2F%2Fmy-hero-ultra-impact-codes.linegames.org HTTP/2.0" 0 0
proxy-1:~# date
Sun Jan  5 04:05:49 UTC 2025

😱

Web page annoyances that I don’t inflict on you
Article URL: http://rachelbythebay.com/w/2025/01/04/cruft/

Comments URL: https://news.ycombinator.com/item?id=42599102

Points: 500

# Comments: 269 ⌘ Read more

Done.

@lyse@lyse.isobeef.org Oh good! It works haha 🤣 I’ll bump it up a bit 👌

Should Waymo Robotaxis Always Stop For Pedestrians In Crosswalks?
“My feet are already in the crosswalk,” says Geoffrey A. Fowler, a San Francisco-based tech columnist for the Washington Post. In a video he takes one step from the curb, then stops to see if Waymo robotaxis will stop for him. And they often didn’t.

Waymo’s position? Their cars consider “signals of pedestrian intent” including forward motion wh … ⌘ Read more

And now I’ve applied rate limits on every site to reasonable values 👌

@bender@twtxt.net Isn’t that why um yarning my progress 🤣

Ontem pusemos a tocar uma música do Pavarotti, e agora a miúda (quase 2anos) anda a pedir a “canção do paparoti” e está a ser difícil lidar :i_cant:

@movq@www.uninformativ.de woah it’s like a cheatsheet with explanations! java is kind of arcane magic sorcery to me so i’m having trouble understanding it but i have that with most programming languages. this is like so much easier to actually look at and read instead of my eyes glazing over lol

@andros@twtxt.andros.dev Sorry I missed your messages to #twtxt on IRC. There are people there, but it can take several hours to get a response. E.g. I check it every day or two. I recommend using an IRC bouncer. To answer your question about registries, I used a couple of registries when I first started out, to try to find feeds to follow, but haven’t since then. I don’t remember which ones, but they were easy to find with web searches.

#petpeeve - when in the middle of a #book series, the publisher decides the books should be 1cm taller

@prologic@twtxt.net YEAH it’s so cool!!! i was thinking about trying it as sorta practice for golang lol

@kat@yarn.girlonthemoon.xyz I’ve actually moved most of my stuff of of Cloudflare now 🤣 I’m actually very happy with my edge proxy setup that reverse proxies, caches and acts as a web application firewall 🥳

@kat@yarn.girlonthemoon.xyz Have you seen the SSG that I built and use on all my static sites? zs 🤔

Oh gawd. I can’t enable caching on my edge proxy everywhere 😱 Some shit™ doesn’t deal with a caching reverse proxy in front of it very well for some reason I don’t have time to dig into right now 🤔

the windows CSS frameworks are sooo epic like you mean i can click a win aero button in my browser?!?! WITCHCRAFT!

morning yarn friends i’ve been playing with astro the SSG and it’s a blast i see why my friends love it and rec it to everyone. i may think javascript was a mistake but this is super cool

@prologic@twtxt.net that’s iconic af though like i should do the same bc i hate cloudflare that much i just refuse to use them

@lyse@lyse.isobeef.org oh nah it came out like that lol! i actually love how squished it looks it feels accurate lol

oh yeah i think i might have a tripod around but i do need a sandbag or something i could use as one. maybe yeah a giant bag of rice could work LOL. thanks for the tips!!! i took a video class last year in college and we worked with cameras and tripods with sandbags so it was on my mind

@lyse@lyse.isobeef.org yeah! as long as it’s fun :D experimenting with it like picking up the camera every once in a while to point somewhere else, or in editing inserting more video in between the static angles, that could be fun!

@movq@www.uninformativ.de this is why people like me can’t code this is boring eyes glazing over kinda stuff lol

What’s a reasonable per second or per minute rate limit that I could apply in general at my edge proxy for all clients? (no matter what) … LIke a good reasonable upper bound? 🤔

C’est drôle comme j’ai plein de choses d’un seul coup hyper intéressantes à faire, comme changer le thème du curseur de ma souris ou tester un nouveau thème GTK. Pile quand j’ai des tas de bulletins semestriels à compléter. Bizarre 👼

@movq@www.uninformativ.de Yeah I swear to god the engineers that write this shit™ don’t know how to write distributed cralwers that don’t happy the shit™ out of their targets 🤦‍♂️

@doesnm@doesnm.p.psf.lt No. I generally don’t put up any robots.txt files at all really, because they mostly get ignored. I don’t generally mind if “normal” web crawlers crawl things. But LLM(s) can go fuck themselves 🤣

Did you have disallow rule in robots.txt? (I think not because can google several twtxt.net posts)

@movq@www.uninformativ.de Yeah it’s starting to piss me off too 🤣 Not nearly as much as that guy, but stil. Anyway I’m having fun! Now I just need to find a good IP/Subnet list that I can blacklist entirely, ideally one that’s updated frequently so I can refresh firewall rules.

Bloody fucking hell. I think one of Google’s GenAI crawlers was just hitting my Gitea instance quite hard. Fuck 🤬 Geez

On my blog: Free Culture Book Club — Trans Girl Project, part 2 https://john.colagioia.net/blog/2025/01/04/trans-girl-2.html #freeculture #bookclub

@movq@www.uninformativ.de Oh 🤦‍♂️

I just banned 41 bad user agents from accessing any of my services. 😱

@movq@www.uninformativ.de How do you manage to get those skulines on your photos? 🤔

@doesnm@doesnm.p.psf.lt No, it’s only designed for yarnd. What did you have in mind here? 🤔

Yes, ik. But i can’t use this api without yarn.social (feed is just file)

@doesnm@doesnm.p.psf.lt It is the same API that yarnc the command-line client uses.

Want this API for Goryon or just Goryon with support to just twtxt.txt. I can’t read timeline without visible replies and missing twts

Self driving 1993 Volvo with open pilot
Article URL: https://practicapp.com/carbagepilot-part1/

Comments URL: https://news.ycombinator.com/item?id=42592910

Points: 500

# Comments: 116 ⌘ Read more

dagum those are huge images.

i.e: Not much point in running a WAF on a static site. But OTOH if there’s enough abuse from shitty assholes, there might be 🤔🤔

I’m just basically learning now how ModSecurity rules work and how to write my own.

The builtin OWASP rules are already working nicely 👌 – And yeah I won’t include the WAF on every site block, probably just my main/primary domain where I tend to run demo services and other things.

@kat@yarn.girlonthemoon.xyz If you’ve been following my yarns the other day about me getting off of Clownflare and building my own WAF, Proxy and effectively my own Edge network, you’ll know I’m doing this at the very edge 🤣🤣

@prologic@twtxt.net oooh gonna have to look into this, doubt most of my sites need it but i’m thinking one or two could use it

Having a lot of fun with Coraza today. A Web Application Firewall library written in Go that also happens to have a Caddy module.

@bender@twtxt.net Hey ! 👋

@eapl.me@eapl.me And here I always lived by:

Problems are solved by method.
– Dr. Don Abel.

🥱 morning y’all 👋 Soo tired 🥱 Need coffee!!! ☕️☕️☕️☕️

@lyse@lyse.isobeef.org It does not 🤣 Shsll I enable it? 🤣

having a cry to birdhouse in your soul

If you want a problem solved, you give it to someone as a project. If you don’t want a problem to be solved, you give it to someone as a job

Why you shouldn’t build your career around existential risk
https://guzey.com/existential-risk/

@kat@yarn.girlonthemoon.xyz here it is :) https://memoria.sayitditto.net/view?m=UyMOOoiOy

On my blog: Toots 🦣 from 12/30 to 01/03 https://john.colagioia.net/blog/2025/01/03/week.html #linkdump #socialmedia #quotes #week

i recorded my first camcorder video!!!! it’s just me practicing guitar after sooo long of not playing it. my acoustic, to be specific (well, it’s an electric acoustic thing but i can play it without plugging it in lol, i do have a stratocaster though). it’s capped at ~30 minutes because i used one mini DVD for it and decided i wasn’t gonna use another one to extend the run time. so yeah. it was super fun! i hope i can share it soon, i’m ripping the disc with make MKV right now, then i’ll re-encode to a web friendly format, and upload to my site and hope that works well

@lyse@lyse.isobeef.org it’d be a blast to record too with my camcorder! i’d have to figure out positioning and stuff like you said but i could probably figure something out with a bit of testing :P yeah it probably does make the project itself longer than it should be but i feel like if you make it a cozy kinda “sew with me” video where people watch you sew and film it with a static angle instead of like, showing every step? i think that’d be nice even if a bit boring. so i could absolutely try that.

magnetic tape camcorders omg!!! mine is digital but i’d LOVE to get a tape camcorder

My #fridayreads is CBA vol 58, the “C’est Bon Anthology” entitled “Modern Glossolalia or the Erosion of Meaning”.

How do we talk when words that used to mean certain things have become so vague that they can be freely appropriated by anyone, for any purpose? And what’s up with the currently so prevalent flirting with war, fascism and the dehumanization of anyone who doesn’t fit into the unspoken and conveniently unspecified national identity?

Released in 2022, it feels even more up-to-date today.

##bookstodon

Image

@bender@twtxt.net aw thank you so much!!! rambling is the best… just gotta keep on going about what we love and somehow people like it lol!

@bender@twtxt.net wow almost 6am damn!!! yeah i’m EST too :)

need to come up with ideas for camcorder videos… i have one but it’s just ‘talk in front of camera about fave songs i listened to in 2024’ and i wanna do more fun things even though rambling in front of cam is already fun af

i want to make camcorder videos with this girl’s vibe she is insane https://www.youtube.com/channel/UCg9isnie-qBpPIWx4ZQOnJw

good morning yarn friends! it’s noon here but i woke up an hour ago. much better compared to waking up at 4pm yesterday

@prologic@twtxt.net oh it’s ok! thank you for the explanation! i think for me when it comes to programming i learn best by doing, so like written examples or talking about it helps less, BUT baseline explanations like what a pointer is does help! i was so confused and i still need to fix the error i’m having but i will figure it out!

@lyse@lyse.isobeef.org AWWWW OMG THAT’S SO CUTE

@movq@www.uninformativ.de REALLLL

@bender@twtxt.net It’s true! 🤣 It’s a total garbage nonsense title. But the actual research paper that the video references is real. Apple did in fact do a bunch of research and proved what we already know 🤣 – That is, AI is stupid 🤣

@movq@www.uninformativ.de Amend 🙏

But to be fair, we already knew this… I’ve observed it first hand, we knew it at the beginning. I’ll just leave you with this:

Stochastic Parrot

or put simply:

Artificial Incompetence

Apple DROPS AI BOMBSHELL: LLMS CANNOT Reason - YouTube

Can LLMs write better code if you keep asking them to “write better code”?
Article URL: https://minimaxir.com/2025/01/write-better-code/

Comments URL: https://news.ycombinator.com/item?id=42584400

Points: 501

# Comments: 300 ⌘ Read more

@movq@www.uninformativ.de Fuxking awesome 🙃😍

Windows 3.11 forever ☻

@movq@www.uninformativ.de Yup! 😅