A big issue is that this works for bots that announce themselves as such, but there’s lots that pretend to be regular users, with fake user agents and ips selected from a random pool with each ip only sending like 1-3 request/day, but overall many thousands of requests. In my experience a lot of them are from huawei and tencent cloud/ASN

it’s iocaine not Locaine, tripped me up at first as well.

What you said is like “i’m going to delete linux and install ubuntu”, but then there’s not really a name for the android that comes with your phone. “stock android” probably is the closest term you get to distinguish between the OS family and the thing actually installed, but all the companies customize their android, so it’s not like there’s just one “stock android”.

i mean, I’m sure samsung has some term for their android, but i doubt anyone use this outside of samsung.

Pinta is my goto replacement for paint.net on linux. It also loads really fast and has most of the basic editing needs covered.

The funniest one was the example of a rich guy leaving germany because of inheritance tax being used to prove this.

Only that he left germany for switzerland and there’s not really any other countries around with no inheritance tax

Yes, ~4million CHF against (mostly big donations and organisations) vs 400’000 for (mostly small private donations)

You mean for the referer part? Of course you don’t want it for all urls and there’s some legitimate cases. I have that on specific urls where it’s highly unlikely, not every url. E.g. a direct link to a single comment in lemmy, and whitelisting logged-in users. Plus a limit, like >3 times an hour before a ban. It’s already pretty unusual to bookmark a link to a single comment

It’s a pretty consistent bot pattern, they will go to some subsubpage with no referer with no prior traffic from that ip, and then no other traffic from that ip after that for a bit (since they cycle though ip’s on each request) but you will get a ton of these requests across all ips they use. It was one of the most common patterns i saw when i followed the logs for a while.

of course having some honeypot url in a hidden link or something gives more reliable results, if you can add such a link, but if you’re hosting some software that you can’t easily add that to, suspicious patterns like the one above can work really well in my experience. Just don’t enforce it right away, have it with the ‘dummy’ action in f2b for a while and double check.

And I mostly intended that as an example of seeing suspicious traffic in the logs and tailoring a rule to it. Doesn’t take very long and can be very effective.

This is the way. I also have rules for hits to url, without a referer, that should never be hit without a referer, with some threshold to account for a user hitting F5. Plus a whitelist of real users (ones that got a 200 on a login endpoint). Mostly the Huawei and Tencent crawlers have fake user agents and no referer. Another thing crawlers don’t do is caching. A user would never download that same .js file 100s of times in a hour, all their devices’ browsers would have cached it. There’s quite a lot of these kinds of patterns that can be used to block bots. Just takes watching the logs a bit to spot them.

Then there’s ratelimiting and banning ip’s that hit the ratelimit regularly. Use nginx as a reverse proxy, set rate limits for URLs where it makes sense, with some burst set, ban IPs that got rate-limited more than x times in the past y hours based on the rate limit message in the nginx error.log. Might need some fine tuning/tweaking to get the thresholds right but can catch some very spammy bots. Doesn’t help with those that just crawl from 100s of ips but only use each ip once every hour, though.

Ban based on the bot user agents, for those that set it. Sure, theoretically robots.txt should be the way to deal with that, for well behaved crawlers, but if it’s your homelab and you just don’t want any crawlers, might as well just block those in the firewall the first time you see them.

Downloading abuse ip lists nightly and banning those, that’s around 60k abusive ip’s gone. At that point you probably need to use nftables directly though instead of iptables or going through ufw, for the sets, as having 60k rules would be a bad idea.

there’s lists of all datacenter ip ranges out there, so you could block as well, though that’s a pretty nuclear option, so better make sure traffic you want is whitelisted. E.g. for lemmy, you can get a list of the ips of all other instances nightly, so you don’t accidentally block them. Lemmy traffic is very spammy…

there’s so much that can be done with f2b and a bit of scripting/writing filters

It’s pretty normal in taiwan, everything is presented in a cute way. E.g. the signs against sexual harassment on public transport https://www-ws.gov.taipei/001/Upload/405/relpic/18288/136717/69e3b002-46fe-4880-a801-3a88b9d5c5a2.jpg

Crazy how it went from this 5 months ago to this two weeks ago, talk about Streisand effect

they did and i’d be surprised if it didn’t continue with more strikes

Of course there are. But I mean, women’s hormones do affect mood during the menstrual cycle (my wife certainly says she’s more iritable before her period), and afaik the hormone therapy is some of the same hormones, so it didn’t seem far fetched at all to me that it could play a role. hence me asking.

but could as well have been some deep seated anger at the world or similar, or something in between. Mostly I was just trying to think of reasons for why she might not be as bad as she was seeming, benefit of the doubt kind of thing.

I used to work with a trans woman who was a huge bitch, at least some of the time. Like actually shouting at coworkers for tiny mistakes, all-caps shouting in company chat at people trying to help with stuff, thinking she’s the smartest person in any room, that kind of stuff.

i’ve always wondered if she’s just a bitch or if at least some of it could be a side effect of hormone therapy? I mean, completely changing the hormones for your body must have some pretty dramatic effects in many areas and might take a long time until your body adjusts.

but a definitely won’t just ask ‘yo. Are you just a huge bitch or is it your medication’ in a corporate setting.

[edit] just for clarity, she started transitioning about 1 month after she joined that team and I left after about a year and a half, in part because of the mood on the team going to shit, among other reasons. But so I couldn’t compare to pre-hormone therapy or anything like that.

[edit2] thank you for all the replies, this was really enlightening and answered a lot of questions! Especially on a topic i feel is discussed less often, or at least I haven’t come across.

Just to be clear, I’m not defending the decision in any way. The issue here is with letting him go free, that’s disgusting and should not have happened.

The privacy part makes sense to me. If the purpose of prison/the justice system is resocialization, instead of punishment, then having your name all over the news just screws you over forever, even if in the eye of the law you did your time and don’t pose a risk anymore, regret your crime etc., and it increases the chance of them just going back to crime when they leave prison, due to a lack of options.

Because in Switzerland a criminal is still covered by the right to privacy, so unless the person in question is a public figure like a politician or the information was already leaked(among some other exceptions), it is not published. Same for the victim. Most you get is ‘John D. from Soandsotown, 34 years old (name known to the editorial department)’, if that.

I only see two comments here with 1 downvote each, and those are by separate people. but maybe i don’t see what you see because of federation issues?

sort of. Having a system that allows multiple parties, like in many European countries, certainly helps with representation and discourse. But looking at Europe, it certainly doesn’t prevent a right-wing drift towards authoritarianism. There’s sooo many other things needed for a healthy democracy, like education/literacy, strong independent institutions, unions etc.

You can just end up with two right wing parties, an extreme and a moderate one, but the moderate one catering to the extreme positions of the extreme party (and being mostly moderate in name only), and both of them forming a majority government and drifting to authoritarianism, even if there are many parties.

A proper (CNC) milling machine and lathe, like ones you can work hardened steel with. Lots of better things you could buy for that money, but with a mill and lathe i could make those things for even more money!

Edit: oh and a proper garage/hobby room to put them in

Buddy Guy. the concert was pretty posh (think bankers in suits), with everyone having arranged seating, audience sitting still and quiet like at a classical music concert.

he was like ‘fuck this, this isn’t a proper concert, my guitar is wireless, let’s stand up, go to the entry hall and jam’. so he’s just standing in the middle of the crowd and going nuts, at like 83 years of age. That was amazing.

i have a venta lw45. same principle, but instead of a wick, it has these rotating disks that the water sticks to (with a little soap in the water). Works incredibly well, still uses next to no energy (<8W) and the disks are super easy to clean. It’s a beast, goes through 9 liters of water in a bit over a day. All the parts are easily accessible for maintenance and there’s replacement parts if anything ever were to break (though i havent needed those yet).

the disks are especially nice when you have hard water, the calcium can be a pain to remove from a wick, but you can put the venta plastic disks (and lower housing, if you can fit it) in the dishwasher to get them good as new. And calcium does not stick to them weld, so a quick rinse under a strong showerhead is usually enough to clean the disks. Definitely one of the best appliance purchases i ever made.