Hey @prologic@twtxt.net 👋

@therealprologic@bridge.twtxt.net Okay so the mention translation is. busted and umm the threading is busted. But other than that, so far so good 😊

@c350a5e5fb9d9457@bridge.twtxt.net Does this mean we’res starting to work, this whole Twtxt <-> ActivityPub bridge thingy? 🤔

Oh my god! 🤣 It works! 🥳 My first Twt into the Fediverse (stil some improvements to be made of course), but still 😳 Wow! 🤩

@aelaraji@aelaraji.com Thanks for the account! I figured out one thing at least so far, my WAF was blocking some of the AP requests. Fixed that. Anyway, holiday time 🤣 Back in ~2 weeks.

Good to see so many folks starting to come back to our little non-social social ecosystem 👌 Good to also see twtxt.net starting to peer with 7 other pods in the greater network too! 🥳

@shinyoukai@neko.laidback.moe I don’t even know how to fix that 🤣 Do you? 🤔

@prologic@twtxt.net Your gitea thinks the LICENSE file in the yarn repository is SSPL-1.0 instead of GNU AGPL 3.0,
and I can’t help but giggle at that

@kiwu@twtxt.net at what price range are you looking to keep your expenses? A mobile phone camera doesn’t cut it?

@shinyoukai@neko.laidback.moe HAHAHAHAHAH! Hell yeah!!

@movq@www.uninformativ.de How sweet! :-) I find it super interesting that they’re kinda common around your area: https://de.wikipedia.org/wiki/Alexandersittich#Verbreitung We don’t have them here.

@shinyoukai@neko.laidback.moe there you go! What I am trying to say is, if @prologic@twtxt.net truly wants to be able to diagnose something as difficult to diagnose as ActivityPub, he ought to run his own. There is no workaround.

@prologic@twtxt.net I am telling you that is extremely easy: https://docs.gotosocial.org/en/latest/advanced/host-account-domain/. Now, if you are putting into account your rather… unique setup, then that’s another story.

@aelaraji@aelaraji.com It’s definately been a long and fast year that’s for sure 👍 Don’t worry!

@prologic@twtxt.net yeah, I’ve had even requested access to it in order to give it a try and report whatever I can but, Sorry I never got to do any of it. 2025 slam dunked a massive pile of 💩 over my life (hence the disappearance, trying to avoid talking about any of it) and I’m just starting to recover (or at least trying to).

@aelaraji@aelaraji.com I think I’ll just end up using the Official CrowdSec Go library 🤔

Speaking of WAF(s) / Web Applicaiton Firewalls – I actually had forgotten that not only have I designed a new WAF from scratch, but I’ve actually implemented it already, and done some local testing. I just haven’t put it into production yet… What od you think @aelaraji@aelaraji.com ? 🤔 https://git.mills.io/prologic/caddy-waf

@prologic@twtxt.net The periodic blacklists updates will be done automatically in the background, as for the different processing mechanisms (rules, collections of rules, remediation …etc) you just install/add the pre-made ones from the hub and call it a day, they’ll get periodic updates when needed. But you could easily create and add your own in case you want to block or white-list a specific behavior

Sometimes, (just sometimes) my ability to pattern match and remember how to play perfect games of chess is awesome 😎

@aelaraji@aelaraji.com Good luck! 🤞

@shinyoukai@neko.laidback.moe If you’re after a list of bad ASN(s) I have such a list handy here 😂

@prologic@twtxt.net @aelaraji@aelaraji.com https://http.cat/status/402

@aelaraji@aelaraji.com Ahhh! That would be even funnier and even more brilliant! 🤣 If you can find this, I would happily employ this tactic next time and make ‘em pay 💰 Bahahahaha 🤣

@shinyoukai@neko.laidback.moe You would have to pull main and build from source 🤣 I promise I’ll make a new major release soon™ – Only been promising that for a while now, but it will happen this year 🤣

@aelaraji@aelaraji.com Yeah and I think I can basically pull the crowssec rules every N interval right and use this to make blocking decisions? – I’ve actually considered this part of a completely new WAF design that I just haven’t built yet (just designing it).

@prologic@twtxt.net I remember reading a blog-post where someone has been throwing redirects to some +100GB files (usually used for speed testing purposes) at a swarm of bots that has been abusing his server in order to criple them, but I can’t find it anymore. I’m pretty sure I’ve had it bookmarked somewhere.

@prologic@twtxt.net 😂HAHA, thanks!

@prologic@twtxt.net The main thing that I tought of is that whomever is abusing your services must be a well known actor (by range/set of IPs) that got reported by other Crowdsec users. So to my simpleton’s understanding, your reverse-proxy/web server passes the requests by crowdsec for processing, they get banned for $N hours if the source has already been blacklisted by the community or violates any of a set of behavior base rules (and even more hours for repeat offenders); otherwise the requests/responses go as per usual. Not sure if I got things right but this might help paint a better picture of the process.

Anyone on my pod (twtxt.net) finding the new Filter(s) useful at all? 🤔

@bender@twtxt.net That’s not the problem. The problem is the complex DNS setup and delegation. I’ve gotten it working once before, but it’s not that easy if you don’t intend to run it on the APEX Domain.

@prologic@twtxt.net I will share later my GoToSocial 10 lines (or less) config.yaml, and 4 lines Caddyfile, and you will see how easy it is.

@prologic@twtxt.net How so? even I (the caveman) am running one 😂

@prologic@twtxt.net I’ll create one manually and send you the creds so you can change them as soon as you log in (my instance isn’t set up to send emails). Not sure how you could get access to logs, not even my admin account has that on the admin panel. I just snoop trough the /var/log/* when needed.

@shinyoukai@neko.laidback.moe Yes 👍

Up Next:

Twtxt feed support for Kosuzu
A simpler theme for Yarn, perhaps?

@movq@www.uninformativ.de sorry dude I think we’re getting our language confused. I think I actually meant private Internet connections.

@prologic@twtxt.net Yeah, I meant ISPs. Hm, okay. 🤔

Tired to re-enable the Ege route to git.mills.io today (after finishing work) and this is what I found 🤯 Tehse asshole/cunts are still at it !!! 🤬 – So let’s instead see if this works:

$ host git.mills.io 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:

git.mills.io is an alias for fuckoff.mills.io.
fuckoff.mills.io has address 127.0.0.1

PS: Would anyone be interested if I started a massive global class action suit against companies that do this kind of abusive web crawling behavior, violate/disregards robots.txt and whatever else standards that are set in stone by the W3C? 🤔

@bender@twtxt.net Maybe so. But running Mastodon or GotoSocial is actually not as easy as you’d think 😂

@prologic@twtxt.net it would have been so much easy to run your own. I guess we all like to suffer every once and then, and this time is your turn. 😅

@movq@www.uninformativ.de If by that you mean ISP(s)? No. so far most are hosting providers by the looks? 🧐

@aelaraji@aelaraji.com Ahh that would be awesome!!! I’d also somehow need read access to logs so i can figure shit out on my own 🧐

@aelaraji@aelaraji.com Haha! 😂 Welcome back 🙌

@aelaraji@aelaraji.com Tell me more? How does this work?

@prologic@twtxt.net I’d say give crowdsec a try but I know for sure you prefer your own WAF … 😅

@prologic@twtxt.net Let me know if you still need an account for testing. My tin-can bandwidth is slow AF but usable if you don’t mind the speed.

Oh fuck me! I had basically turned off the route to git.mills.io last night and went ot bed at ~2AM after unsuccessfully trying to control the attacks (bad bots) that were behaving like a DDoS attack. Tried to re-enable the route this monring and *BOOM, they’re back! As-if they never stopped?! what da actual fuq?! Anyone have any clever ideas of what I can do here to allows normal users, like you nice folk and block ths obnoxious traffic?!

@zvava@twtxt.net I am waiting for that v1, so that I can start using it. 🙏🏻

@iolfree@tilde.club @movq@www.uninformativ.de So true! Good read, thanks for recommending. :-)

@iolfree@tilde.club They’re not wrong, are they? 😅

@movq@www.uninformativ.de I just skip all those merchants who only accept PayPal or credit card.

@prologic@twtxt.net Do these IPs belong to hosting providers or to providers of private internet connections? The latter is what I’m seeing on my server …

Fark me again with the bots. This time DDoS-style crawling from hundreds of IPs and dozens of ASN(s) wtf?!
I’ve had to disale the Ingress to my Git instance for the time being, i need to sleep and I can’t fight this :/

@prologic@twtxt.net We have a bit of a vendor lock-in here in Germany: PayPal is sometimes the only non-shady option to pay for something. ☹️

@bender@twtxt.net Just a donations thiny I knew about from years ago that I never setup properly. Now an acceptable form of donation on my prologic.dev site 👌 (if anyone ever does that is!)

@prologic@twtxt.net what’s that?

@shinyoukai@neko.laidback.moe Haha 🤣 Nice typo there!

@shinyoukai@neko.laidback.moe I’m mostly against it because it forces Javascript™ on the client(s) at a blanket level. Doing “Proof-of-Work” explicitly IMO is fine™, but not at an Ingress/Edge level IMO – Which is why I haven’t adopted it myself.

@yarn_police@twtxt.net good thing we got law and order around here. And I mean, literally! 😅

@arne@uplegger.eu Das klingt interessant. Aber wer definiert, welche Projekte darunter fallen? Keine Ahnung wie das sonst so mit dem Ehrenamt ist, aber das müssen ja dann auch gemeinnützige Vereine oder etwas Vergleichbares sein, oder? :-?

Wenn ich in der Petition schon wieder KI les, wird mir gleich anders.

@prologic@twtxt.net Oh shit, that’s not healthy! :-(

@movq@www.uninformativ.de @bender@twtxt.net @prologic@twtxt.net That’s fine with me. It could be even the 1st January 2026, as simple as the change really is.

But it would be also alright to just stick with July, so that I don’t have to update the tests. :-P

@movq@www.uninformativ.de Dang it. :-(

@prologic@twtxt.net oh man, I envy you. I want an Asian vacation (Japan 😍) so badly!

@movq@www.uninformativ.de @bender@twtxt.net I’ll also start spamming from my upcoming Vietnam holiday (flying out this Friday) for a couple of soliday weeks 🤣

@movq@www.uninformativ.de Seems fine to me! Plenty of time to get our shit™ in order! 🙌

@bender@twtxt.net Once Advent of Code starts, I’ll start spamming, don’t worry. 😅

@movq@www.uninformativ.de looks good to me! 🎉

One can tell holidays are abound; even twtxt slows down to almost a halt.

Hm, so regarding the hash change:

https://git.mills.io/yarnsocial/twtxt.dev/pulls/28

How about 2026-03-01 00:00:00 UTC as the cut-off date? 🤔

@lyse@lyse.isobeef.org Probably wouldn’t help, since almost every request comes from a different IP address. These are the hits on those weird /projects URLs since Sunday:

    1 IP  has  5 hits
    1 IP  has  4 hits
   13 IPs have 3 hits
  280 IPs have 2 hits
25543 IPs have 1 hit

The total number of hits has decreased now. Maybe the botnet has moved on …

@lyse@lyse.isobeef.org ugh, well, there goes my thought.

@shinyoukai@neko.laidback.moe Welcome back! 🤟 You have been missed! 😅

@shinyoukai@neko.laidback.moe Welcome back 🤟

@movq@www.uninformativ.de Fail2ban to the rescue? :-?

@movq@www.uninformativ.de In my current project I’m typically far away from this pile of shit. Let’s see how the project will be in this regard.

@bender@twtxt.net Unfortunately, this also breaks the browser search.

@movq@www.uninformativ.de I’m raising my hand for tt.

@movq@www.uninformativ.de I think you will like this one: https://gibberifier.com/

@movq@www.uninformativ.de “resistance is futile, you will be assimilated”. :-D

@prologic@twtxt.net I have returned

@movq@www.uninformativ.de pinging @zvava@twtxt.net, on your behalf. And @falsifian@www.falsifian.org.

Which actively maintained Yarn/twtxt clients are there at the moment? Client authors raise your hands! 🙋

This is what this looked like visually 😳

@prologic@twtxt.net Time to make a new internet. Maybe one that intentionally doesn’t “scale” and remains slow (on both ends) so it’s harder to overload in this manner, harder to abuse for tracking your every move, … Got any of those 56k modems left?

(I’m half-joking. “Make The Internet Expensive Again” like it was in the 1990ies and some of these problems might go away. Disclaimer: I didn’t have my coffee yet. 😅)

Fark me 🤦‍♂️ I woke up quite late today (after a long night helping/assisting with a Mainframe migration last night fork work) to abusive traffic and my alerts going off. The impact? My pod (twtxt.net) was being hammered by something at a request rate of 30 req/s (there are global rate limits in place, but still…). The culprit? Turned out to be a particular IP 43.134.51.191 and after looking into who own s that IP I discovered it was yet-another-bad-customer-or-whatever from Tencent, so that entire network (ASN) is now blocked from my Edge:

+# Who: Tentcent
+# Why: Bad Bots
+132203

Total damage?

$ caddy-log-formatter twtxt.net.log | cut -f 1 -d  ' ' | sort | uniq -c | sort -r -n -k 1 | head -n 5
  61371 43.134.51.191
    402 159.196.9.199
    121 45.77.238.240
      8 106.200.1.116
      6 104.250.53.138

61k reqs over an hour or so (before I noticed), bunch of CPU time burned, and useless waste of my fucking time.

@movq@www.uninformativ.de That’s what tests are for. To fix them. :-D

@lyse@lyse.isobeef.org Oops. 😅 But yay, it’s working. 🥳

All my newly added test cases failed, that movq thankfully provided in https://git.mills.io/yarnsocial/twtxt.dev/pulls/28#issuecomment-20801 for the draft of the twt hash v2 extension. The first error was easy to see in the diff. The hashes were way too long. You’ve already guessed it, I had cut the hash from the twelfth character towards the end instead of taking the first twelve characters: hash[12:] instead of hash[:12].

After fixing this rookie mistake, the tests still all failed. Hmmm. Did I still cut the wrong twelve characters? :-? I even checked the Go reference implementation in the document itself. But it read basically the same as mine. Strange, what the heck is going on here?

Turns out that my vim replacements to transform the Python code into Go code butchered all the URLs. ;-) The order of operations matters. I first replaced the equals with colons for the subtest struct fields and then wanted to transform the RFC 3339 timestamp strings to time.Date(…) calls. So, I replaced the colons in the time with commas and spaces. Hence, my URLs then also all read https, //example.com/twtxt.txt.

But that was it. All test green. \o/

@thecanine@twtxt.net @movq@www.uninformativ.de Unfortunately, yes.

@thecanine@twtxt.net That image is correct.

@xuu@txt.sour.is when it is extremely important to be the very best at everything, nothing can be left behind. Not even a piss drinking contest!

@bender@twtxt.net Thanks. That pulley is just to hang back up the telephone wire (on the ground in 16) for that farm and restaurant in 04 once they finish logging. Hahahahahaaahaaaa, I didn’t see the nails on top of the pole. :-D

Yup, these ice crystals are just lovely. :-)

@prologic@twtxt.net Who’s got a life besides work, huh? Yeah, no, thanks, mate! Scratch that.

@bender@twtxt.net Don’t even think that was on the cards I’m afraid 😳 But yes I’ve said that in a message to the recruiter.

@prologic@twtxt.net counter that you would only work remote.

@kiwu@twtxt.net I’m glad you’re liking the updates haha 😆

@lyse@lyse.isobeef.org @bender@twtxt.net Pfft, they want folks to relocate to Sydney. Fuck that 🤣 Sydney is a bit like San Francisco, I’m not actually sure which is worse. Fuck’n expensive as hell, the only palce you’d be able to afford to buy or rent is at least ~2hrs out of the city by public transport (i.e: train) and by that time you’ve just pissed your life down the toilet, because you’d be expected ot work a 9-10hr day + 2-3hrs of travel each way, buy the time you factor in having to wake up super early to get ready to travel in to work, you basically have zero time for anything else, let alone your ufamily,

Fuck that.

Hello @therealprologic@bridge.twtxt.net 👋