💾 Archived View for lists.flounder.online › gemini › threads › 87tuh30y49.fsf@alexschroeder.ch.gmi captured on 2022-04-28 at 19:20:46. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
From: alex@alexschroeder.ch
Date: Wed, 27 Oct 2021 08:40:06 +0200
Message-Id: 87tuh30y49.fsf@alexschroeder.ch
To: <gemini@lists.orbitalfox.eu>
--------------------------------------
I kept working on this page on how to deal with bots, and I'd be happy
to add more ideas, or refine the existing sections. If anybody is
interested in how to get fail2ban to work with their server, I'd be
happy to add pages explaining how to do this if you provide me with a
log file snippet, for example.
//transjovian.org:1965/gemini/page/Dealing%20with%20bots
Feel free to copy and use elsewhere.
Feel free to mail me directly with comments.
From: cyber@sysrq.in
Date: Wed, 27 Oct 2021 12:14:51 +0500
Message-Id: YXj8a8jeaGrDt/qJ@sysrq.in
To: <gemini@lists.orbitalfox.eu>
In-Reply-To: 87tuh30y49.fsf@alexschroeder.ch
--------------------------------------
On 2021-10-27 08:40, Alex Schroeder wrote:
I kept working on this page on how to deal with bots, and I'd be happy
to add more ideas, or refine the existing sections. If anybody is
interested in how to get fail2ban to work with their server, I'd be
happy to add pages explaining how to do this if you provide me with a
log file snippet, for example.
=> //transjovian.org:1965/gemini/page/Dealing%20with%20bots
Feel free to copy and use elsewhere.
Feel free to mail me directly with comments.
Good job!
### Banning IP numbers is problematic
It’s true. Perhaps there’s a shared server at that IP number. One of
the users on that server writes a misbehaving bot and all are
punished. If you are concerned about that, your server needs to move
the dynamic content behind a client certificate requirement. There is
no other way to identify particular users using Gemini.
I'm concerned about that, so I have Tor exit nodes explicitly ignored
from blocking. That's what I have in my jail.d files (except for sshd):
ignorecommand = /bin/grep <ip> /etc/tor/torbulkexitlist
/etc/tor/torbulkexitlist is updated daily by a cronjob from
https://check.torproject.org/torbulkexitlist
From: alex@alexschroeder.ch
Date: Wed, 27 Oct 2021 13:06:07 +0200
Message-Id: 87r1c620dc.fsf@alexschroeder.ch
To: "Anna “CyberTailor”" <cyber@sysrq.in>
In-Reply-To: YXj8a8jeaGrDt/qJ@sysrq.in
Cc: <gemini@lists.orbitalfox.eu>
--------------------------------------
Anna “CyberTailor” <cyber@sysrq.in> writes:
I'm concerned about that, so I have Tor exit nodes explicitly ignored
from blocking.
I added a link to gemini://transjovian.org/gemini/page/fail2ban and
there I described your setup. Thanks again!
--
Fingerprint: DF94 46EB 7B78 4638 7CCC 018B C78C A29B ACEC FEAE
From: cyber@sysrq.in
Date: Thu, 28 Oct 2021 04:51:18 +0500
Message-Id: YXnl9qnnQKmNr8Fv@sysrq.in
To: <gemini@lists.orbitalfox.eu>
In-Reply-To: 87tuh30y49.fsf@alexschroeder.ch
--------------------------------------
I've stumbled upon a clever way to stop bots from accessing dynamic
content and infinite loops: a simple captcha!
> gemini://topotun.hldns.ru/cgi-bin/lock.cgi
< 10 Protection against bots. What is 2+2?
(translated ru-en)
It's so obvious but I've never thought about it lol.
This article has /brilliant/ captcha ideas by the way:
https://nearcyan.com/you-probably-dont-need-recaptcha/
My all-time favorites are:
https://wiki.gentoo.org/wiki/Special:CreateAccount
though, however unicode has enough math symbols)
https://lurkmore.to/Матановая_капча
From: u9000@posteo.mx
Date: Thu, 28 Oct 2021 11:18:11 +0000
Message-Id: 27f990d6f3de1ff4809f95f6d114f7c91fc92918.camel@posteo.mx
To: "Anna “CyberTailor”" <cyber@sysrq.in>, <gemini@lists.orbitalfox.eu>
In-Reply-To: YXnl9qnnQKmNr8Fv@sysrq.in
--------------------------------------
On Thu, 2021-10-28 at 04:51 +0500, Anna “CyberTailor” wrote:
I've stumbled upon a clever way to stop bots from accessing dynamic
content and infinite loops: a simple captcha!
> gemini://topotun.hldns.ru/cgi-bin/lock.cgi
< 10 Protection against bots. What is 2+2?
(translated ru-en)
So the bots will index gemini://capsule.example/locked-content?4
I think the better way to handle bots stuck in an infinite loop is to
ban them _temporarily_, or ban them just from the recursive links.
--
DJ Chase
They, Them, Theirs