Selfhosted

45388 readers

566 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

[email protected]

130

Cheapskate's Guide: Nuking web-scraping bots (cheapskatesguide.org)

submitted 3 days ago by [email protected] to c/[email protected]

28 comments fedilink hide all child comments

Lemmy newb here, not sure if this is right for this /c.

An article I found from someone who hosts their own website and micro-social network, and their experience with web-scraping robots who refuse to respect robots.txt, and how they deal with them.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 3 points 2 days ago (1 children)

Absolutely; if I was a company, or hosting something important, or something that was intended for the general public, then I'd agree.

But I'm just an idiot hosting whimsical stuff from my basement, and 99% of it is only of interest for my friends. I know ~everyone in my target audience, and I know that none of them use a VPN for general-purpose browsing.

As it is, I don't mind keeping the door open to the general public, but nothing of value will be lost if I need to pull the plug on some more ASN's to preserve my bandwidth. For example when a guy hopping through a VPN in Sweden decides to download the same zip file thousands of times, wasting terabytes of traffic over a few hours (this happened a week ago).

[–] [email protected] 1 points 2 days ago

I know that none of them use a VPN for general-purpose browsing.

Interesting. The most common setup I encounter is when the VPN is implemented in the home router - that's the way it is in my house. If you're connected to my WiFi, you're going through my VPN.

I have a second VPN, which is how my private servers are connected; that's a bespoke peer-to-peer subnet set up in each machine, but it handles almost no outbound traffic.

My phone detects when it isn't connected to my home WiFi and automatically turns on the VPN service for all phone data; that's probably less common. I used to just leave it on all the time, but VPN over VPN seemed a little excessive.

It sounds like you were a victim of a DOS attack - not distributed, though. It could have just been done directly; what about it being through a VPN made it worse?