patrick.net

@Patrick

Getting slammed with this:

@UkraineIsTotallyFucked

How did you get that response? It should not happen to a person unless you click reload like mad.

I had to implement rate limiting after getting swarmed by robots, but I thought I had it so that it would be indetectable by humans.

Patrick says

UkraineIsTotallyFucked

How did you get that response? It should not happen to a person unless you click reload like mad.

I had to implement rate limiting after getting swarmed by robots, but I thought I had it so that it would be indetectable by humans.

I go to various threads at my normal speed. Those are technically reloads. And I upload and post images. I am fast but wouldn't say that I am reloading like mad.

Here's how I did the nginx config for that. Within the top http{} block:

limit_req_zone $binary_remote_addr zone=ratelimit:10m rate=15r/m; # 15 requests per minute, to match robots.txt "Crawl-Delay: 4"

So that says to limit by IP address, allocating 10MB named "ratelimit" for the rate limit data, and to limit the rate to 15 requests per minute.

Then within the / location block (the block that hits the node server rather than static files):

location / {
limit_req zone=ratelimit burst=10 nodelay;

That says for that "ratelimit" memory zone defined above, allow up to 10 requests at one burst, but still with an overall 15 requests per minute limit.

The images have no rate limit, because they are not served from node but directly from nginx via their own block starting with:
location ~ /icons/|/uploads/ {

I'm not an expert on nginx config, so maybe I misunderstand part of this.

@UkraineIsTotallyFucked

Is it possible you are sharing your IP address with others? That's a common situation if you are at work. All the outgoing traffic from a company typically goes out of a single IP address.

Patrick says

UkraineIsTotallyFucked

Is it possible you are sharing your IP address with others? That's a common situation if you are at work. All the outgoing traffic from a company typically goes out of a single IP address.

No. Just my home wifi.

@UkraineIsTotallyFucked

Ah, I noticed that your browser is making repeated requests for /apple-touch-icon.png, which does not exist on my server, and which count against your rate limit.

@Patrick if it isn't on your server, how come it count against my rate limit?

Because it starts with / but is not in the /uploads directory with other images. So it ends up hitting the node server, and there is a rate limit on that.

I had not considered the possibility of requests for non-existent images (404's) in combination with the rate limit. Programming is like that, always a new combination you hadn't thought of.

I'll think about how to fix that.

@UkraineIsTotallyFucked

I think I found a solution on the server side.

Let me know if you still get any "429 Too Many Request" responses.

There is no about:settings or about:config in DDG as far as I can find.

Should be OK anyway now. I lump in image 404's with other image requests now, not counting them against the rate limit.

Patrick says

Ah, I noticed that your browser is making repeated requests for /apple-touch-icon.png, which does not exist on my server, and which count against your rate limit.

Why would a computer be making requests from your server of files that don't exist? That shouldn't happen without an explicit request from the user, should it?

@richwicks

Browsers are programmed to look for a standard file called /favicon.ico to put into browser tabs as a visual identifier, so I created one and put it in the right spot on my server:

https://patrick.net/favicon.ico

It seems that Apple wanted in on that game, but with "apple" in the URL as a kind of perverse advertising. So certain browsers are now making tons of requests for /apple-touch-icon.png, but I haven't created that one, and won't, because it refers to a specific corporation and their sleazy marketing.

It seems to be used for the same purpose that favicon.ico is.

Patrick says

It seems that Apple wanted in on that game, but with "apple" in the URL as a kind of perverse advertising. So certain browsers are now making tons of requests for /apple-touch-icon.png, but I haven't created that one, and won't, because it refers to a specific corporation and their sleazy marketing.

Everybody's sleazy.

Remember when Microsoft tried to take over the Internet Internet by bribing companies to use Microsoft IIS and then hobbling that to only work with IE? Facebook, Google, and Twitter HAVE managed to take over the Internet, with false promises.

@Patrick.

You can't always post links because of markups. I'm trying to post this link:

https://en.wikipedia.org/wiki/South_Africa_v.Israel(Genocide_Convention)

The underscores are being interpreted as a prompt to print in italics. Anything between even when I compose the link manually.

Is there a way where I can tell your site NOT to mess with what I type? So that underscore remains a literal underscore, and asterisk perhaps the same?

@richwicks Sorry about the parsing error.

I changed the regexps to require space before and after the underscore to do that. So now this should be linkified correctly:

https://en.wikipedia.org/wiki/South_Africa_v.Israel(Genocide_Convention)

Note that you can use html escape characters to prevent interpretation of underscore.

https://mateam.net/html-escape-characters/ says that the underscore escape is &#95

Shit, still did not linkify correctly. At least it didn't italicize.

I guess the parens are not in my list of url chars. Added them.

https://en.wikipedia.org/wiki/South_Africa_v.Israel(Genocide_Convention)

OK, now parens do not prevent linkification.

Implement something like community notes.

You either have stupid people here, or propagandists here, or AI bots pushing propaganda.

Tie posts down to scrutiny so claims can be determined true or false, and assess quality of sources. I'm tired of having the same arguments over and over again from liars, propagandists, and scumbags - maybe morons, but again, I have only met a handful of people in my ENTIRE LIFE who are actually "stupid".

If I'm wrong, well, thanks for pointing it out. I'm in the frustration where I am not told HOW I'm wrong, just that I somehow am. I don't believe them, I don't trust them.

I've dealt with people here who I spoke with for MONTHS explaining Ukraine was over-thrown, after MONTHS, they said just because Victoria Nuland picked out the government of Ukraine before their "revolution", it wasn't certain was a coup. Fuck you @"Mostly Reader" - how many dead? 300,000? 500,000? Propagandist scumbags are everywhere, including here. You're a small site, they are here.