XMPP Service Operators - 2025-04-04

  1. roughnecks

    are abuse mail addresses found on whois queries, actually a good way to report an IP? I did that a couple times, never received a reply

  2. tom

    > are abuse mail addresses found on whois queries, actually a good way to report an IP? > I did that a couple times, never received a reply Good question

  3. worlio.com

    I used to do this before giving up. I've sent hundreds of emails to different abuse addresses and never would I recieve a reply and the IP would continue its abuse.

    😐 1
  4. tom

    It didn't use to be this way

  5. tom

    > I used to do this before giving up. I've sent hundreds of emails to different abuse addresses and never would I recieve a reply and the IP would continue its abuse. What do you do now instead?

  6. worlio.com

    Have fail2ban take care of 'em.

  7. moparisthebest

    would not recommend that, good way to ban yourself

  8. roughnecks

    `ignoreip` is a thing (and it accepts domain names too)

  9. moparisthebest

    Not sure why that matters unless you never move around and your IP never changes or has outages...

  10. roughnecks

    are you doing changes or "troublesome" stuff on your server while on the go? I have my home IP whitelisted and that's enough to me. Even if it bans my mobile IP, who cares?

  11. roughnecks

    they invented ddns

  12. moparisthebest

    My server seems to exclusively get into trouble while I'm on the go 🤣

  13. roughnecks

    :(

  14. worlio.com

    moparisthebest: I have never banned myself from fail2ban because I always succeed.

  15. worlio.com

    moparisthebest: I have never banned myself from fail2ban because I never fail.

  16. Menel

    Also incremental longer ban times, starting short helps. If only the memory consumption wouldn't be so huge

  17. roughnecks

    tells "61MB" here?

  18. roughnecks

    I also deployed this, with the rate-limit jail provided by a default install: https://code.moparisthebest.com/moparisthebest/nginx-limit-crawlers.git

  19. moparisthebest

    Sad that it's needed but my server hasn't stopped again so it's still good enough for now I guess :'(

  20. roughnecks

    I didn't really notice any issue before implementing that, but I saw a lot of banned IP afterward :) Only "documents" I'm hosting are my blog and xmpp-it's wiki, so probably not much to scrape!? Our forge instance, on the contrary, still has issues (it's using caddy and we modded the code from your repo). At first it seemed solved, then it started again.. CPU and memory usage spikes

  21. moparisthebest

    Yea it was my gitea instance that brought the server to a crawl

  22. roughnecks

    the server that is currently hosting forge is quite beefy, hopefully. Access was slower than usaual, but still acceptable

  23. roughnecks

    the server that is currently hosting forge is quite beefy, hopefully. Access was slower than usual, but still acceptable

  24. roughnecks

    at some point it had 100% CPU usage :O

  25. roughnecks

    at some point it had constant 100% CPU usage :O

  26. roughnecks

    if we're going too much off topic, sorry

  27. jjj333_p [pain.agency]

    > Not sure why that matters unless you never move around and your IP never changes or has outages... odd solution, you could ignore the exit ip of a known vpn server. its abusable ig but better than no fail2ban

  28. jjj333_p [pain.agency]

    (i dont have fail2ban or anything)