I was playing around with fail2ban and started thinking.

If I ban bots, is that actually a net negative to the health of the internet?

When you ban bots, they just go to the next server. Because your server does not have default or dumb passwords it was unlikely to be breached anyways, the bot was just wasting its resources.

When you ban it, it moves to the next one where it has a higher chance to succeed.

The two ideas I have to impose higher costs on bots is

1. Tarpit

Tying up resources indefinitely seems more useful than just blocking it. Although compute is so cheap it probably doesn't matter nowadays. Maybe more effective back when bots were simpler.

1. Report it to abuseipdb and similar

I'm not sure if the aipdb et al are actually annoying enough that bots would spend time avoid getting on those lists?

I have an idea for doing a test, I'll take two IP:s and put fail2ban on them.

On one, we don't ban, just report it to abuseipdb.

On the other we just ban.

I'm curious if this will affect the amount of scans hitting it.

#fail2ban #tarpit

​ MAJOR Plot twist! ​

I'm sure you're having a better morning than me because I was greeted with an email from #OVH (the VPS provider) that started with "Hello Mr. Rossini" and informed me that the VPS was stopped because they suspected a hack - and it will be permanently deleted. "Now let us know Mr. Rossini if you'd like to purchase a new VPS plan."

30 Euros* for 4 hours of VPS experimentation with Docker! YAY (not!)

(*30 Euros corresponded to a 6-month plan, sigh)

I received ZERO advanced warnings... #OVHCloud simply deleted my VPS because of "unusual activity" and proposed I buy a new one.

I had installed #Fail2Ban on it first thing yesterday morning, but I suppose changing 0.0.0.0 with my VPS's IP4 address in one of the Docker settings... to connect it to Docker GUI did it for me.

You live, you learn.

I will stay away from OVH Cloud.

(Yes I had tried creating an account with Hetzer and NetCup before but they had a convoluted signup process and wanted too much personal info/docs, so I had given up and turned to OVH. My bad).

What will I do now?

Find a new VPS provider.

Feeling salty about the 30 Euros I spent for 6 months with OVH but honestly I feel like I dodged a bullet. I had nothing installed on the VPS, except for Fail2Ban and basic Docker. Imagine how catastrophic it would have been if they had deleted my VPS without warning if I had important stuff on it! Shivering at the thought.

Onwards and upwards, more humble than ever, with infinite respect for sysadmins 🙏​

#MySoCalledSudoLife #N00b

​ MAJOR Plot twist! ​

I'm sure you're having a better morning than me because I was greeted with an email from #OVH (the VPS provider) that started with "Hello Mr. Rossini" and informed me that the VPS was stopped because they suspected a hack - and it will be permanently deleted. "Now let us know Mr. Rossini if you'd like to purchase a new VPS plan."

30 Euros* for 4 hours of VPS experimentation with Docker! YAY (not!)

(*30 Euros corresponded to a 6-month plan, sigh)

I received ZERO advanced warnings... #OVHCloud simply deleted my VPS because of "unusual activity" and proposed I buy a new one.

I had installed #Fail2Ban on it first thing yesterday morning, but I suppose changing 0.0.0.0 with my VPS's IP4 address in one of the Docker settings... to connect it to Docker GUI did it for me.

You live, you learn.

I will stay away from OVH Cloud.

(Yes I had tried creating an account with Hetzer and NetCup before but they had a convoluted signup process and wanted too much personal info/docs, so I had given up and turned to OVH. My bad).

What will I do now?

Find a new VPS provider.

Feeling salty about the 30 Euros I spent for 6 months with OVH but honestly I feel like I dodged a bullet. I had nothing installed on the VPS, except for Fail2Ban and basic Docker. Imagine how catastrophic it would have been if they had deleted my VPS without warning if I had important stuff on it! Shivering at the thought.

Onwards and upwards, more humble than ever, with infinite respect for sysadmins 🙏​

#MySoCalledSudoLife #N00b

Dear Fedi friends,

Sometimes it's good to know when you need to call it a day. Today I ended my #sudo exploits at 10:00am... I'm mentally exhausted already... but happy about the progress I made.

I started tinkering with my new VPS at 7:30am and managed the following tasks:

- installed #fail2ban
- installed #Docker and checked if it was running successfully with their "hello world" method (it does)
- enabled remote access changing the listening port
- secured the connection with TLS

I wasn't able to create a new Docker context on Docker Desktop to point to my VPS... I ran into error messages about having to include certificates (with the right path)... so I decided to call it a day.

I wanted to end my Day 1 of Docker explorations on a good note.

I plan on writing about this on my blog later today so I can refer back to the steps later... when I actually install Docker on my VPS running Ghost.

Onwards and upwards (it's very apt that "sudo" in Italian means "I sweat" LOOOOL)

#MySoCalledSudoLife #selfhosting #newbie

Dear Fedi friends,

Sometimes it's good to know when you need to call it a day. Today I ended my #sudo exploits at 10:00am... I'm mentally exhausted already... but happy about the progress I made.

I started tinkering with my new VPS at 7:30am and managed the following tasks:

- installed #fail2ban
- installed #Docker and checked if it was running successfully with their "hello world" method (it does)
- enabled remote access changing the listening port
- secured the connection with TLS

I wasn't able to create a new Docker context on Docker Desktop to point to my VPS... I ran into error messages about having to include certificates (with the right path)... so I decided to call it a day.

I wanted to end my Day 1 of Docker explorations on a good note.

I plan on writing about this on my blog later today so I can refer back to the steps later... when I actually install Docker on my VPS running Ghost.

Onwards and upwards (it's very apt that "sudo" in Italian means "I sweat" LOOOOL)

#MySoCalledSudoLife #selfhosting #newbie

Des de les 7 de la tarda d'ahir, #fail2ban està bloquejant automàticament totes les IPs de bots xafarders, no només Amazonbot. Ara mateix ja ha bloquejat un total de 1.171 IP, bloqueig actiu de 327.
Edito: cap robot obté res de mastodont.cat, només "veuen" que s'ha interromput la connexió gràcies a una configuració específica de nginx (el programari que serveix continguts).

#scraping #BotsXafarders

#reaction v2.2.0 is released!

Two big new features:
- Full IP support (built-in regex, ip ranges, different actions on IPv4 and IPv6...)
- Options for action deduplication

See the release for a more detailed changelog:
https://framagit.org/ppom/reaction/-/releases/v2.2.0

#reaction-rust #rust #fail2ban

#reaction v2.2.0 is released!

Two big new features:
- Full IP support (built-in regex, ip ranges, different actions on IPv4 and IPv6...)
- Options for action deduplication

See the release for a more detailed changelog:
https://framagit.org/ppom/reaction/-/releases/v2.2.0

#reaction-rust #rust #fail2ban

#SelfHosting question: when hosting a bunch of services on the same box (say all in docker containers), do you do #fail2ban in each containerised service or globally on the host?
#AskFedi

#SelfHosting question: when hosting a bunch of services on the same box (say all in docker containers), do you do #fail2ban in each containerised service or globally on the host?
#AskFedi

Fixed. The #OSM wiki.openstreetmap.org is back up to speed. We've been able to mitigate the bot traffic. #fail2ban

Unfortunately the #OpenStreetMap wiki is very slow today. We are fighting an aggressive web scraper bot. 10,000 of IPs involved. Randomised User-Agent. Ignoring robots.txt #aibot #ddos

Update: Fixed. We've been able to mitigate the bot traffic. #fail2ban