With ongoing DDoS of my server, ive added a backup zap-stream service and wrote some docs on how YOU could run your own zap-stream backend (the new one)
https://github.com/v0l/zap-stream-core/blob/main/docs/MANUAL.md
Discussion
maybe nostr:nprofile1qqstq4j6pk2sgaupru6l7ah9nq0dueafq356jllwcy7uzlek9yx7hlspz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsz9mhwden5te0wfjkccte9ehx7um5wghxyctwvshsnpjku2 can help here dude.
Reputation + IP rate limiting
Can it handle 600k requests per second? Thats the current connection rate
all from unique IPs?
Yea, 3M ips
well, nothing to joke about, but yeah I think it can work.
The idea is that u use the reputation of the client/author of the event to rate limit. No reputation, no responses.
Now, to get this reputation, you could compute it on your own or use a provider like Vertex.
If you do the latter, than the attacker could make you waste money for ranking throwaway pubkeys. That's were u use IP addresses to rate limit the pubkeys an IP could make you rank.
This is a configurable stream server which you can give access to others if you want by issuing them credit (sats) to stream
FYI, trying to zap you and it’s saying invalid address. Thank you for your work!
Who did you piss off?
What are some good specs for a stream host server? I don't wanna spin up something that can't handle the load.
Probably 4 CPU & 4GB RAM, it ultimately depends on how many variants you configure, if its just 1 variant like a 720p stream output then probably you could get away with 2 CPU's, storage requirement is very low because files will automatically be deleted after stream is over.
🙏Thank you.
I’d love to understand the motivation behind this attack. What could drive someone to do this persistently for a week and counting?
Seems like the bots and exploiters come along for a week or two, then disappear. They seem to point out Nostr issues, which can force some advancements. Maybe it's all just to annoy people, but maybe not. 🤔
I wanna thank you. If not for Zap.Stream I think I would still be lost in this new world. ZS help me connect with a bunch of really cool people. Thank you for all the effort.
you mean I can install zap stream on my server? I might have to try this but the biggest issue I have with your site is you allow random strangers to make comments. It should cost 21 sats or less to make comments. Right after they pay to comment they don't dont have to pay anymore.
It should also cost 21 sats to join zap stream, instead of allowing anyone to join zap stream without paying a small free right from the start.
It should also cost steamers to stream. Which it was at the beginning then you changed it to free.
All the fees above would keep scammers away and keep legit people on the site.
Now the site is broken and most people don't know how or don't have the infrastructure to host their own stream.
Nostr has this problem too, developers have a socialist mindset of wanting to keep everything free in order to grow because they think without giving services for free they won't grow but in the end the attacks destroys the suite because of allowing bad actors to easily join your sites.
if I install zap steam I will lock it down to only paying people
make zap stream work again!
make zap stream great again!
has anyone got their own zap stream website going. I want to see it. Someone post their link.
I want to try it but it looks hard. Chatgpt says it can help me install it. It seems like It'd be a full-time job managing the site and stuff.
Can you make it easy to install like a forum.