Hard question to answer. I'm not sure what helps that doesn't cost money. Plus Cloudflare just intercepts all that traffic without the user's consent.

We have ways of tuning load balancers, but it's constant upkeep.

IP blocking kind of works (not for DDoS), but it limits honest people like me with VPN IPs from low-reputation blocks.

Really just lots of CPU and many layers/balancers. Possibly JavaScript client challenges, but this really hurts UX (think captchas).

There was an "open source" telemetry project at some point for this, but I think they kept their intel databases private. I've been thinking rDNS lookups, but that's resource-intensive and slow.
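As an added example that is not from any post in this thread (and not from any particular product), here is a Python simulation of the "client challenge" idea mentioned above: the server hands out a stamped challenge, the client burns CPU finding a counter whose hash clears a difficulty target, and the server checks the answer with a single hash. The secret, difficulty, TTL and IP addresses are made up for the example; in a real deployment the solver half runs as JavaScript in the browser.

```python
import hashlib
import hmac
import os
import time

# Assumed parameters for the example (not from the thread): a server-side
# secret used to stamp challenges, the number of leading zero bits the
# client must hit, and how long an issued challenge remains valid.
SERVER_SECRET = b"example-secret-replace-with-32-random-bytes"
DIFFICULTY_BITS = 16
CHALLENGE_TTL_SECONDS = 60


def _stamp(client_ip, ts, nonce):
    """HMAC over ip|ts|nonce so a challenge is bound to one client and one period."""
    msg = f"{client_ip}|{ts}|{nonce}".encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


def issue_challenge(client_ip, now=None):
    """Server side: hand out a stateless challenge 'ts:nonce:tag'.

    The server stores nothing; the tag lets it recognise its own challenges
    later, and the IP binding stops one client solving puzzles for another.
    """
    ts = int(now if now is not None else time.time())
    nonce = os.urandom(8).hex()
    return f"{ts}:{nonce}:{_stamp(client_ip, ts, nonce)}"


def leading_zero_bits(digest):
    """Number of leading zero bits in a digest (big-endian)."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def solve_challenge(challenge, difficulty_bits=DIFFICULTY_BITS):
    """Client side (what the browser JavaScript would do): brute-force a
    counter until sha256(challenge:counter) starts with enough zero bits.
    Expected work is about 2**difficulty_bits hashes; there is no shortcut."""
    counter = 0
    while True:
        digest = hashlib.sha256(f"{challenge}:{counter}".encode()).digest()
        if leading_zero_bits(digest) >= difficulty_bits:
            return counter
        counter += 1


def verify_solution(client_ip, challenge, counter,
                    difficulty_bits=DIFFICULTY_BITS, now=None):
    """Server side: one HMAC plus one SHA-256, independent of difficulty.
    Rejects challenges it did not issue, issued for another IP, expired,
    or whose counter does not meet the target."""
    parts = challenge.split(":")
    if len(parts) != 3:
        return False
    ts, nonce, tag = parts
    if not ts.isdigit():
        return False
    if not hmac.compare_digest(tag, _stamp(client_ip, int(ts), nonce)):
        return False
    current = now if now is not None else time.time()
    if current - int(ts) > CHALLENGE_TTL_SECONDS:
        return False
    digest = hashlib.sha256(f"{challenge}:{counter}".encode()).digest()
    return leading_zero_bits(digest) >= difficulty_bits


if __name__ == "__main__":
    ch = issue_challenge("203.0.113.10")  # example address from TEST-NET-3
    start = time.perf_counter()
    sol = solve_challenge(ch)
    print(f"solved in {time.perf_counter() - start:.3f}s with counter {sol}")
    print("same IP verifies:", verify_solution("203.0.113.10", ch, sol))
    print("other IP verifies:", verify_solution("198.51.100.7", ch, sol))
```

The point is the asymmetry: the client does roughly 2^16 hashes per page load while the server does two, so a flood of fresh requests costs the attacker far more than the defender. The UX cost the post mentions is real, though: every first-time visitor pays it, and on a slow phone it is noticeable. Two caveats not shown above: a solved challenge can be replayed until the TTL runs out, so a real deployment records used nonces or hands out a session cookie in exchange for the first solution, and the difficulty should be tuned per client rather than fixed.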

Discussion

nostr:npub12rv5lskctqxxs2c8rf2zlzc7xx3qpvzs3w4etgemauy9thegr43sf485vg is there something here about Cashu as a way to get a webpage to load and make attacks more expensive?

Something that helps, but I've been slow to implement, is cookie monitoring. Someone shared a (kind of outdated) nginx community module that added cookies to requests based on IP addresses. I think after some number of requests on the same IP without a cookie, it bans the IP address.

nginx isn't great for dynamic request filtering, and I don't remember Envoy being that good at dynamic L4 either. I'd like to see a healthy way filtering could be added to networks at L3 easily; sure, it exists, but I haven't seen an easy way to handle that. I'd like not to have to add another layer of buffering and latency to the traffic.
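As an added example, not code from any post in this thread and not the nginx module referred to above, here is the cookie-monitoring idea written out as decision logic in Python: each response to a cookieless request sets a cookie derived from the client IP, a client that keeps sending requests without it is banned after a limit, and a cookie copied from another address is rejected. The secret, thresholds, addresses and traffic are constructed for the example; in production this logic would sit in the proxy rather than in the application.

```python
import hashlib
import hmac
from collections import defaultdict

# Assumed settings for the example (not from the thread or any nginx module):
# how many cookieless requests an IP may make before it is banned, how long
# the ban lasts, and the secret the cookie value is derived from.
COOKIE_SECRET = b"example-secret-replace-with-32-random-bytes"
MAX_COOKIELESS_REQUESTS = 5
BAN_SECONDS = 600


class CookieGate:
    """Per-IP cookie check in the spirit of the module described above.

    Every response to a request without a valid cookie carries Set-Cookie.
    A real browser returns it on the next request and is never counted
    again; a client that keeps ignoring it is banned once over the limit.
    """

    def __init__(self, secret=COOKIE_SECRET,
                 max_cookieless=MAX_COOKIELESS_REQUESTS, ban_seconds=BAN_SECONDS):
        self.secret = secret
        self.max_cookieless = max_cookieless
        self.ban_seconds = ban_seconds
        self.cookieless = defaultdict(int)   # ip -> requests seen without a cookie
        self.banned_until = {}               # ip -> time the ban expires

    def expected_cookie(self, ip):
        # Derived from the IP with an HMAC, so a value copied from another
        # client is rejected and the server keeps no per-cookie state.
        return hmac.new(self.secret, ip.encode(), hashlib.sha256).hexdigest()[:32]

    def handle(self, ip, cookie, now):
        """Decide one request. Returns (decision, cookie_to_set), where
        decision is 'allow' or 'ban' and cookie_to_set is None when the
        response needs no Set-Cookie."""
        if self.banned_until.get(ip, 0) > now:
            return "ban", None
        self.banned_until.pop(ip, None)           # any old ban has expired
        expected = self.expected_cookie(ip)
        if cookie is not None and hmac.compare_digest(cookie, expected):
            self.cookieless.pop(ip, None)         # well-behaved: reset the count
            return "allow", None
        self.cookieless[ip] += 1
        if self.cookieless[ip] > self.max_cookieless:
            self.banned_until[ip] = now + self.ban_seconds
            self.cookieless.pop(ip, None)
            return "ban", None
        return "allow", expected                  # serve it, but set the cookie


def run_scenario(requests_per_client=8):
    """Constructed traffic, not captured data: three clients on TEST-NET
    addresses, one request per second each. Returns {name: [decision, ...]}."""
    gate = CookieGate()
    out = {}

    # A browser: stores whatever Set-Cookie it is given and sends it back.
    jar = None
    out["browser"] = []
    for t in range(requests_per_client):
        decision, set_cookie = gate.handle("203.0.113.10", jar, now=t)
        if set_cookie is not None:
            jar = set_cookie
        out["browser"].append(decision)

    # A crude bot: never sends a cookie.
    out["bot"] = [gate.handle("198.51.100.7", None, now=t)[0]
                  for t in range(requests_per_client)]

    # A bot replaying the browser's cookie from a different address.
    out["replay"] = [gate.handle("198.51.100.8", jar, now=t)[0]
                     for t in range(requests_per_client)]

    # The crude bot coming back after its ban has lapsed.
    out["after_ban"] = [gate.handle("198.51.100.7", None,
                                    now=requests_per_client + BAN_SECONDS)[0]]
    return out


if __name__ == "__main__":
    for name, decisions in run_scenario().items():
        print(f"{name:10s} {' '.join(decisions)}")
```

Two limits worth keeping in mind, both echoed earlier in the thread: everyone behind one VPN or NAT egress address shares the same counter, so a single misbehaving client there takes the honest ones down with it, and a bot that simply keeps cookies passes untouched. It filters the crudest floods at the proxy and does nothing about volumetric traffic that never reaches it.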