Article <usm96m$3fkqg$1@dont-email.me>

Deutsch English Français Italiano
<usm96m$3fkqg$1@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: jim whitby <mr.spock@spockmall.net>
Newsgroups: sci.electronics.design
Subject: Re: Chinese downloads overloading my website
Date: Mon, 11 Mar 2024 06:43:34 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 147
Message-ID: <usm96m$3fkqg$1@dont-email.me>
References: <7qujui58fjds1isls4ohpcnp5d7dt20ggk@4ax.com>
	<6lekuihu1heui4th3ogtnqk9ph8msobmj3@4ax.com> <usec35$130bu$1@solani.org>
	<u14quid1e74r81n0ajol0quthaumsd65md@4ax.com> <usjiog$15kaq$1@solani.org>
	<t7rrui5ohh07vlvn5vnl277eec6bmvo4p9@4ax.com> <usm6v6$17e2c$1@solani.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 11 Mar 2024 06:43:34 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="8cc9e89bc304c99fd083ac0a74b65300";
	logging-data="3658576"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1882zs6AHvewTaKf0081pJPIyeZrTnyEO4="
User-Agent: Pan/0.149 (Bellevue; 4c157ba git@gitlab.gnome.org:GNOME/pan.git)
Cancel-Lock: sha1:ao4Ojzex0BOwDq62PDk3oqyaruA=
X-Face: 'd|=lF%bYC^5t0@gyc[dBY6e`*9=7%4L:`xOBZam#J*j/9GZh=l&xcbJyuGun(*s
 =?UTF-8?Q?\4oF-ng=0A?=
 Sylo&)70,bE_K]WwpPH'v/&uI6xq.c'l(DORW{gm,W:@N!?uVwKI?"'yY|>Jxa
 =?UTF-8?Q?2q=287fNM8Kd|2+2zF=0A?=
 m&GrR,3#7rFZ3,VhH{,=E`8N*t|raH,8{"h+g#hDE,>@PWE}xa4Mz
 =?UTF-8?Q?HEv&eOT#B=5Df=2C#\=28=29-=3Dw=28x=40xl=40=0A?=
 s%wWrtkCSH]c&ev:?m-7)(g|s#\+#h
Bytes: 7840

> On a sunny day (Sun, 10 Mar 2024 13:47:48 -0400) it happened legg
> <legg@nospam.magma.ca> wrote in
> <t7rrui5ohh07vlvn5vnl277eec6bmvo4p9@4ax.com>:
> 
>>On Sun, 10 Mar 2024 06:08:15 GMT, Jan Panteltje <alien@comet.invalid>
>>wrote:
>>
>>>On a sunny day (Sat, 09 Mar 2024 20:59:19 -0500) it happened legg
>>><legg@nospam.magma.ca> wrote in
>>><u14quid1e74r81n0ajol0quthaumsd65md@4ax.com>:
>>>
>>>>On Fri, 08 Mar 2024 06:43:49 GMT, Jan Panteltje <alien@comet.invalid>
>>>>wrote:
>>>>
>>>>>On a sunny day (Thu, 07 Mar 2024 17:12:27 -0500) it happened legg
>>>>><legg@nospam.magma.ca> wrote in
>>>>><6lekuihu1heui4th3ogtnqk9ph8msobmj3@4ax.com>:
>>>>>
>>>>>>A quick response from the ISP says they're blocking the three hosts
>>>>>>and 'monitoring the situatio'.
>>>>>>
>>>>>>All the downloading was occuring between certain hours of the day in
>>>>>>sequence - first one host between 11 and 12pm. one days rest, then
>>>>>>the second host at the same timeon the third day,
>>>>>>then the third host on the fourth day.
>>>>>>
>>>>>>Same files 262 times each, 17Gb each.
>>>>>>
>>>>>>Not normal web activity, as I know it.
>>>>>>
>>>>>>RL
>>>>>
>>>>>Many sites have a 'I m not a bot' sort of thing you have to go
>>>>>through to get access.
>>>>
>>>>
>>>>Any idea what's involved - preferably anything that doesn't owe to
>>>>Google?
>>>>...
>>>>I'd like to limit traffic data volume by any host to <500M,
>>>>or <50M in 24hrs. It's all ftp.
>>>
>>>I no longer run an ftp server (for many years now),
>>>the old one here needed a password.
>>>Some parts of my website used to be password protected.
>>>When I ask google for "how to add a captcha to your website"
>>>I see many solutions, for example this:
>>> https://www.oodlestechnologies.com/blogs/create-a-captcha-validation-
in-html-and-javascript/
>>>
>>>Maybe some html guru here nows?
>>
>>That looks like it's good for accessing an html page.
>>So far the chinese are accessing the top level index, where files are
>>offered for download at a click.
>>
>>Ideally, if they can't access the top level, a direct address access to
>>the files might be prevented?
> 
> What I am doing now is using a html://mywebsite/pub/ directory with lots
> of files in it that I want to publish in for example this newsgroup,
> I then just post a direct link to that file.
> So it has no index file and no links to it from the main site.
> It has many sub directories too.
>  https://panteltje.nl/pub/
GPS_to_USB_module_component_site_IXIMG_1360.JPG
>  https://panteltje.nl/pub/pwfax-0.1/README
> 
> So you need the exact link to access anything fine for publishing
> here...
> Maybe Usenet conversations are saved somewhere ? google still holds the
> archive?
> I have most postings saved here on the Raspberry Pi4 8GB I am using for
> web browsing and Usenet for what I found interesting back to 2006, older
> to back 1998 maybe on the old PC upstairs
> 
> raspberrypi: ~/.NewsFleX # l total 692 -rw-r--r--   1 root root  21971
> Jan  9  2006 NewsFleX.xpm -rw-r--r--   1 root root   2576 Jul 30  2006
> newsservers.dat.bak drwxr-xr-x   5 root root   4096 Apr  1  2008
> news.isu.edu.tw/
> drwxr-xr-x   5 root root   4096 Apr  1  2008 textnews.news.cambrium.nl/
> -rw-r--r--   1 root root      1 Mar  5  2009 global_custom_head
> drwx------   4 root root   4096 Dec  6  2009 http/
> -rw-r--r--   1 root root     99 Apr  4  2010 signature.org -rw-r--r--  
> 1 root root   8531 Apr  4  2010 signature~
> -rw-r--r--   1 root root   8531 Apr  4  2010 signature -rw-r--r--   1
> root root    816 Nov  9  2011 filters.dat.OK drwxr-xr-x   3 root root  
> 4096 Jul  5  2012 nntp.ioe.org/
> drwxr-xr-x   2 root root   4096 Mar 30  2015 news.altopia.com/
> drwxr-xr-x  25 root root   4096 Mar  1  2020 news2.datemas.de/
> drwxr-xr-x 109 root root   4096 Jun  1  2020 news.albasani.net/
> drwxr-xr-x   2 root root   4096 Nov 28  2020 setup/
> drwxr-xr-x  10 root root   4096 Mar  1  2021 news.ziggo.nl/
> drwxr-xr-x   6 root root   4096 Jun  1  2021 news.chello.nl/
> drwxr-xr-x   2 root root   4096 Aug 19  2021 news.neodome.net/
> drwxr-xr-x   6 root root   4096 Sep  1  2022 news.tornevall.net/
> drwxr-xr-x 156 root root   4096 Nov  1  2022 news.datemas.de/
> drwxr-xr-x  23 root root   4096 Jan  1  2023 news.aioe.cjb.net/
> drwxr-xr-x   4 root root   4096 Jan  1  2023 news.cambrium.nl/
> drwxr-xr-x  52 root root   4096 Jan  1  2023 news.netfront.net/
> drwxr-xr-x  60 root root   4096 Feb  1  2023 freenews.netfront.net/
> -rw-r--r--   1 root root   1651 Feb  1  2023 urls.dat~
> drwxr-xr-x  49 root root   4096 Apr  2  2023 freetext.usenetserver.com/
> -rw-r--r--   1 root root   1698 Apr 18  2023 urls.dat drwxr-xr-x  15
> root root   4096 Aug  2  2023 localhost/
> drwxr-xr-x  11 root root   4096 Dec 15 06:57 194.177.96.78/
> drwxr-xr-x 190 root root   4096 Dec 15 06:58 nntp.aioe.org/
> -rw-r--r--   1 root root   1106 Feb 23 06:43 error_log.txt -rw-r--r--  
> 1 root root    966 Feb 23 13:33 filters.dat~
> -rw-r--r--   1 root root    973 Mar  2 06:28 filters.dat drwxr-xr-x  57
> root root   4096 Mar  3 11:42 news.eternal-september.org/
> drwxr-xr-x  14 root root   4096 Mar  3 11:42 news.solani.org/
> drwxr-xr-x 197 root root   4096 Mar  3 11:42 postings/
> -rw-r--r--   1 root root 184263 Mar  6 04:45 newsservers.dat~
> -rw-r--r--   1 root root   2407 Mar  6 04:45 posting_periods.dat~
> -rw-r--r--   1 root root      0 Mar  6 06:27 lockfile -rw-r--r--   1
> root root     87 Mar  6 06:27 kernel_version -rw-r--r--   1 root root
> 107930 Mar  6 06:27 fontlist.txt -rw-r--r--   1 root root 184263 Mar  6
> 06:27 newsservers.dat -rw-r--r--   1 root root   2407 Mar  6 06:27
> posting_periods.dat ....
> lots of newsservers came and went over time...
> 
> I have backups of my website on harddisk, optical and of course my
> hosting provider.

You may find the file:

/etc/hosts.deny

useful in this case, you can block by name(s) or ip(s).
Man hosts,deny
for more info




-- 
Jim Whitby


Famous, adj.:
	Conspicuously miserable.
		-- Ambrose Bierce, "The Devil's Dictionary"
----------------------
Mageia release 9 (Official) for x86_64
6.6.18-server-1.mga9 unknown
----------------------