'Tis the Well-Dressing Season

Started by Silver Tabby, May 19, 2024, 10:42:02 AM

« previous - next »

JBR

Quote from: GrannyMac on May 20, 2024, 06:53:22 PMI fear I'd be described as one and I don't even like the term 'elderly'. I'm an older person, thank you very much.
I think 'senior citizen' might be a more appropriate term.

As for me, I'm a doddering old bugger.
Numquam credere Gallicum

klondike

To the callow youths (as the tossers looking after the Amazon bot almost certainly are) anybody over 30 would be regarded as geriatric.

It's still hammering away but sending an immediate 403 (forbidden) requires far less resource than running a php script to create a forum page from the database. I've set it to allow the robots.txt file regardless now so if they read that and obey the directive to sod off then even the load generating 403s will be removed too.

GrannyMac

Well done for even knowing what that means klondike! I'm in awe.
Its not how old you are, but how you are old. 💖

Diasi

Quote from: klondike on May 20, 2024, 08:53:52 PMTo the callow youths (as the tossers looking after the Amazon bot almost certainly are) anybody over 30 would be regarded as geriatric.

It's still hammering away but sending an immediate 403 (forbidden) requires far less resource than running a php script to create a forum page from the database. I've set it to allow the robots.txt file regardless now so if they read that and obey the directive to sod off then even the load generating 403s will be removed too.
I can't see how these are legal, it's akin to spamming.
Make every day count, each day is precious.
"Death leaves a heartache no one can heal, love leaves a memory no one can steal".  (Cassandra)
[email protected]

klondike

Quote from: GrannyMac on May 21, 2024, 05:03:25 AMWell done for even knowing what that means klondike! I'm in awe.
It's only necessary to be aware of the basics. Google points to where you can crib the detail.

Just saw your recovery today. Wondering it its worth getting up  :sad:

There are far less legitimate bots than that one out there. The Internet is pretty much the wild west.

JBR

Quote from: GrannyMac on May 21, 2024, 05:03:25 AMWell done for even knowing what that means klondike! I'm in awe.
Me too.  I know nowt about computers, apart from the on button.
Numquam credere Gallicum

klondike

That bot has now stopped. There are always bots running but most just grab a few pages at a time. That one must have been stupid and rereading for some reason. Maybe fooled into thinking pages had changed because a time had changed or something.

I can see it started having an impact on the 18th and ran through til when I gave it the bums rush yesterday. At times it was doing 12 pages a second from multiple IPs so it must have read the entire site many times over.

This is a quick look now...

bitnami@ip-172-26-15-47:~$ tail -f /opt/bitnami/apache2/logs/access_log
3.145.69.185 - - [21/May/2024:08:34:44 +0000] "GET /index.php?PHPSESSID=vll6n5p4a4nhoirmp2svmfj89r&topic=4451.0 HTTP/1.1" 200 7632
3.16.41.142 - - [21/May/2024:08:34:46 +0000] "GET /index.php?PHPSESSID=7sf59i2ql3aa50hsthoap5trhe&msg=78042 HTTP/1.1" 302 20
3.16.41.142 - - [21/May/2024:08:34:46 +0000] "GET /index.php?PHPSESSID=7sf59i2ql3aa50hsthoap5trhe;topic=3543.msg78042 HTTP/1.1" 200 8168
3.145.69.185 - - [21/May/2024:08:34:46 +0000] "GET /index.php?PHPSESSID=tqe3l26s74l7ou2trcgb1jije0&topic=2252.15 HTTP/1.1" 200 8013
3.16.135.151 - - [21/May/2024:08:34:47 +0000] "GET /index.php?PHPSESSID=0jcmorh2kjngjgrnd3elqs14ip&msg=102940 HTTP/1.1" 302 20
3.16.135.151 - - [21/May/2024:08:34:47 +0000] "GET /index.php?PHPSESSID=0jcmorh2kjngjgrnd3elqs14ip;topic=4467.msg102940 HTTP/1.1" 200 10700
3.138.32.76 - - [21/May/2024:08:34:47 +0000] "GET /index.php?PHPSESSID=50h71qutekl1u128q0mnkq5qjd&action=profile;u=12 HTTP/1.1" 200 3117
3.145.69.185 - - [21/May/2024:08:34:48 +0000] "GET /index.php?PHPSESSID=fbrkf0bmmtmg1rvk48it1c3dpc&topic=4551.0 HTTP/1.1" 200 6243
3.138.32.76 - - [21/May/2024:08:34:48 +0000] "GET /index.php?PHPSESSID=3f97sq3gl7ob51j5i8vq1nr97k&topic=4389.0 HTTP/1.1" 200 9770
3.17.152.183 - - [21/May/2024:08:34:50 +0000] "GET /index.php?PHPSESSID=jas6qtajhm7derdv0iso9h9k9d&action=printpage;topic=4502.0 HTTP/1.1" 200 3802
86.27.216.59 - - [21/May/2024:08:34:53 +0000] "GET /index.php?action=post;topic=4629.0;last_msg=106860 HTTP/1.1" 200 10967
3.141.35.238 - - [21/May/2024:08:34:53 +0000] "GET /index.php?PHPSESSID=es0nfi080iad29l2nu2flh21dl&msg=19044 HTTP/1.1" 302 20
3.141.35.238 - - [21/May/2024:08:34:53 +0000] "GET /index.php?PHPSESSID=es0nfi080iad29l2nu2flh21dl;topic=1020.msg19044 HTTP/1.1" 200 6732
86.27.216.59 - - [21/May/2024:08:34:53 +0000] "GET /cron.php?ts=1716280485 HTTP/1.1" 200 43
44.214.187.82 - - [21/May/2024:08:34:53 +0000] "GET /index.php?PHPSESSID=p3r6ekkams03qanon7t70728at&board=1.400;sort=starter;desc HTTP/1.1" 200 5883
3.129.21.61 - - [21/May/2024:08:34:54 +0000] "GET /index.php?PHPSESSID=arnjsrn83rjmo0tog8of4lbs8s&topic=4544.15 HTTP/1.1" 200 10217
3.141.2.133 - - [21/May/2024:08:34:54 +0000] "GET /index.php?PHPSESSID=h8e113fljr3231qplfh6i3poi3&msg=104215 HTTP/1.1" 302 20
3.141.2.133 - - [21/May/2024:08:34:54 +0000] "GET /index.php?PHPSESSID=h8e113fljr3231qplfh6i3poi3;topic=606.msg104215 HTTP/1.1" 200 9223
3.141.2.133 - - [21/May/2024:08:34:55 +0000] "GET /index.php?PHPSESSID=o7q66m08rpq6pvub2p4a43bkip&topic=4548.msg104608 HTTP/1.1" 200 5773
18.223.108.105 - - [21/May/2024:08:34:57 +0000] "GET /index.php?PHPSESSID=8vvo1rr7r8omc2t1hl4nphv4rp&msg=104159 HTTP/1.1" 302 20
18.223.108.105 - - [21/May/2024:08:34:57 +0000] "GET /index.php?PHPSESSID=8vvo1rr7r8omc2t1hl4nphv4rp;topic=4528.msg104159 HTTP/1.1" 200 9334
3.17.187.116 - - [21/May/2024:08:34:58 +0000] "GET /index.php?PHPSESSID=r8ns4mr018uie1k0vsno8utfqh&msg=103049 HTTP/1.1" 302 20
3.22.209.120 - - [21/May/2024:08:34:58 +0000] "GET /index.php?PHPSESSID=qa4jf87eu9novrui0jd33ckg6s&action=profile;u=75 HTTP/1.1" 200 3114
3.17.187.116 - - [21/May/2024:08:34:58 +0000] "GET /index.php?PHPSESSID=r8ns4mr018uie1k0vsno8utfqh;topic=4476.msg103049 HTTP/1.1" 200 7187
3.143.111.233 - - [21/May/2024:08:34:59 +0000] "GET /index.php?PHPSESSID=95fphv7vi4m5752oidusn5qu0m&topic=4438.0 HTTP/1.1" 200 7008
3.142.213.250 - - [21/May/2024:08:34:59 +0000] "GET /index.php?PHPSESSID=r3ed1u20lb8iopa7iiu8msurt3&topic=4417.15 HTTP/1.1" 200 6128
3.141.30.211 - - [21/May/2024:08:35:00 +0000] "GET /index.php?PHPSESSID=2adaqr5duql9qdo2sne3kbkrq1&action=profile;u=4 HTTP/1.1" 200 3115
3.15.144.170 - - [21/May/2024:08:35:01 +0000] "GET /index.php?PHPSESSID=j7bi35ge2j1hoksdaa1te9h8qo&msg=103514 HTTP/1.1" 302 20
3.15.144.170 - - [21/May/2024:08:35:01 +0000] "GET /index.php?PHPSESSID=j7bi35ge2j1hoksdaa1te9h8qo;topic=4503.msg103514 HTTP/1.1" 200 9101
86.161.60.254 - - [21/May/2024:08:35:02 +0000] "GET / HTTP/1.1" 200 5558
18.222.83.185 - - [21/May/2024:08:35:03 +0000] "GET /index.php?PHPSESSID=aofa13bn3ha8gusueeue9vgkbv&msg=288 HTTP/1.1" 302 20
18.222.83.185 - - [21/May/2024:08:35:03 +0000] "GET /index.php?PHPSESSID=aofa13bn3ha8gusueeue9vgkbv;topic=23.msg288 HTTP/1.1" 200 9314
3.145.101.192 - - [21/May/2024:08:35:03 +0000] "GET /index.php?PHPSESSID=isvctmtm5h80dn8i2pvjlsp2g7&topic=2914.msg73863 HTTP/1.1" 200 6780
18.190.156.212 - - [21/May/2024:08:35:03 +0000] "GET /index.php?PHPSESSID=ln4ns0j8egth5kbnd5u30biedu&msg=104125 HTTP/1.1" 302 20
13.58.232.95 - - [21/May/2024:08:35:03 +0000] "GET /index.php?PHPSESSID=uci2n0n17cmtrpnuo5pckiglso&msg=103564 HTTP/1.1" 302 20
18.190.156.212 - - [21/May/2024:08:35:03 +0000] "GET /index.php?PHPSESSID=ln4ns0j8egth5kbnd5u30biedu;topic=4526.msg104125 HTTP/1.1" 200 7598
18.222.83.185 - - [21/May/2024:08:35:03 +0000] "GET /index.php?PHPSESSID=rm81m136urcq70ok4pcrhir12k&topic=606.0;prev_next=next HTTP/1.1" 200 9739
44.214.187.82 - - [21/May/2024:08:35:03 +0000] "GET /index.php?PHPSESSID=p3r6ekkams03qanon7t70728at&board=1.400;sort=views HTTP/1.1" 200 5578

That's 22 different IPs in less that 20 seconds. I've looked a few up and they were nearly all Amazon virtual servers running in Ohio. They will be a variety of bots used to collect data for nefarious purposes. Running an Amazon Lightsail instance such as the one this forum uses is ridiculously cheap. None of those are having any impact though.  I run my own "bot" on my Pi at home which reads this forum home page once a minute and records the stats. Today so far the basic numbers are

Requests: 600    Average : 0.21

Over 1.00 sec:    0    0%

Over 0.50 to 1.00 sec:    0    0%

Over 0.25 sec to 0.50 sec:    24    4%

Timeout    :    0    0%