#WebAdmin

Let's Encrypt API is having trouble. 😄 The current status is orange; they are a little okay but still recovering due to high traffic. 😄 I want to make my next Mastodon instance that maybe lasts for ≤ 1 hour lol 😄. If God wills, He will grant my instance to last for ≥ 1 month. 😄

#LetsEncrypt #Mastodon #Fediverse #WebAdmin #TechHumor #SSL #API #WebHosting #ShortLivedInstance #SysAdminLife #DevOps #WebSecurity #CertificateProblems #HighTraffic #ExperimentalHosting

Krishean Draconiskrishean@tech.lgbt
2025-07-17
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP:x-firefox-ai} !^$
RewriteRule ^ - [F,L]
</IfModule>

:blobfoxthinking:

#webadmin #apache #apache2

Krishean Draconiskrishean@tech.lgbt
2025-07-17

website traffic continues to be like 80% bots

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-07-08

another day, another cloud hosting provider banned from the website for hosting exploit scanning bots

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-07-07

the Chrome/129 bots still haven't figured out that i'm onto their bullshit and none of their requests are succeeding

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-26

seems that the Chrome/129 botnet still hasn't figured out that i'm onto their bullshit and all they're getting for every request is a "please update your browser" page

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-24

seems like a lot of the web scanning bots (the ones searching for admin login pages) are switching to a Chrome/121 user agent

* note: the Chrome/129 web bots are still present, and afaict are not looking for admin login pages or exploits, they seem to be trying to scrape all the site's content, probably for an llm or something (conjecture), but why they would go to the trouble of setting that up through what appears to be tor is beyond me

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-17

i also found out that googlebot (the legit one operating from google's address space) will occasionally use a user agent of Chrome/99, despite using a more up to date ua most of the time

#webadmin

Krishean Draconiskrishean@tech.lgbt
2025-06-17

looking at the unusual Chrome/129 traffic again, it's definitely some kind of botnet, it's using hundreds of mostly unique ips, and there's periodic (hourly?) surges of requests. i'm sure there's some real people with outdated browsers getting mixed in with my apache rule, so i'm glad i didn't just do a straight block and went with a redirect page instead

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-17

-A INPUT -s 220.187.192.0/19 -m comment --comment "bot using spoofed googlebot user agent" -j DROP

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-11

lol someone has a bot scanning with GET /.DS_Store HTTP/1.1

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-11

additionally, Mozilla/4.0 is only used by Internet Explorer in compatibility mode, so you may want to block that as well, since all versions of IE are deprecated at this point and shouldn't be used for normal web browsing. most versions of IE can't even connect to modern websites anymore, the only one that supports TLSv1.2 is IE11 on Win10, so if you have old protocols disabled it's almost guaranteed that any traffic you see with older IE user agents is not real (i do know there are ways to get older versions of IE working through a local tls proxy, i've done it myself for retrocomputing purposes)

although i'm not sure if edge in IE mode will use that user agent, i haven't played around with it much

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-11

you can block user agents that match ^Mozilla but not ^Mozilla/[45]\.0 \(

* note: this will block some web crawlers such as bingbot/gptbot/claudebot as well because they put the AppleWebKit/537\.36 token in the wrong place (before the first parentheses), but you should be blocking at least the latter two of those anyway

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-10

-A INPUT -s 168.220.247.0/24 -m comment --comment "bot using spoofed googlebot user agent" -j DROP

i am now naming and shaming for doing this

#webadmin #bots

Krishean Draconiskrishean@tech.lgbt
2025-06-10

psa: noticing a lot of unusual bot-like requests using the Chrome/129 user agent. rather than a straight up 403 block, i'm 302 redirecting them to a "please update your browser" page, in case any real users are still using an 8 month old browser for some reason

#webadmin #bots

alxd of the Story Seed Libraryalxd@writing.exchange
2025-06-04

I realized that the #goAccess #web #analytics based on #nginx I use on #storySeedLibrary are pretty limited. Maybe too limited.

I'm considering to swapping to some JS-based ones, like Piwik or a similar #FLOSS solution.

Can you recommend anything?

Do you think that using JS-based analytics would compromise the privacy of the users?

#admin #webAdmin #privacy

2025-03-21

The most fun since sliced bread (for server admins). Tuning caching parameters makes a world of difference, plus blocking any bot that is hammering your site.

tail -f access.log

#geek #webadmin #ITadmin

Mr. Vmrv404
2025-03-20

Is there a free alternative to Cloudflare tunnels?

2025-03-04

Google has just informed me that the top clicks on a website I manage are from Kenya. I can't be bothered to check if they count bots as clicks or perhaps they're dog fooding their ai and it's hallucinating.

I'm also damn sure there haven't been 3.5K impressions on that site last month. The script kiddies must be busier than usual.

#WebAdmin

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst