patrick.net

@Patrick

Getting slammed with this:

@UkraineIsTotallyFucked

How did you get that response? It should not happen to a person unless you click reload like mad.

I had to implement rate limiting after getting swarmed by robots, but I thought I had it so that it would be indetectable by humans.

Patrick says

UkraineIsTotallyFucked

How did you get that response? It should not happen to a person unless you click reload like mad.

I had to implement rate limiting after getting swarmed by robots, but I thought I had it so that it would be indetectable by humans.

I go to various threads at my normal speed. Those are technically reloads. And I upload and post images. I am fast but wouldn't say that I am reloading like mad.

Here's how I did the nginx config for that. Within the top http{} block:

limit_req_zone $binary_remote_addr zone=ratelimit:10m rate=15r/m; # 15 requests per minute, to match robots.txt "Crawl-Delay: 4"

So that says to limit by IP address, allocating 10MB named "ratelimit" for the rate limit data, and to limit the rate to 15 requests per minute.

Then within the / location block (the block that hits the node server rather than static files):

location / {
limit_req zone=ratelimit burst=10 nodelay;

That says for that "ratelimit" memory zone defined above, allow up to 10 requests at one burst, but still with an overall 15 requests per minute limit.

The images have no rate limit, because they are not served from node but directly from nginx via their own block starting with:
location ~ /icons/|/uploads/ {

I'm not an expert on nginx config, so maybe I misunderstand part of this.

@UkraineIsTotallyFucked

Is it possible you are sharing your IP address with others? That's a common situation if you are at work. All the outgoing traffic from a company typically goes out of a single IP address.

Patrick says

UkraineIsTotallyFucked

Is it possible you are sharing your IP address with others? That's a common situation if you are at work. All the outgoing traffic from a company typically goes out of a single IP address.

No. Just my home wifi.

@UkraineIsTotallyFucked

Ah, I noticed that your browser is making repeated requests for /apple-touch-icon.png, which does not exist on my server, and which count against your rate limit.

@Patrick if it isn't on your server, how come it count against my rate limit?

Because it starts with / but is not in the /uploads directory with other images. So it ends up hitting the node server, and there is a rate limit on that.

I had not considered the possibility of requests for non-existent images (404's) in combination with the rate limit. Programming is like that, always a new combination you hadn't thought of.

I'll think about how to fix that.

@UkraineIsTotallyFucked

I think I found a solution on the server side.

Let me know if you still get any "429 Too Many Request" responses.

There is no about:settings or about:config in DDG as far as I can find.

Should be OK anyway now. I lump in image 404's with other image requests now, not counting them against the rate limit.

Patrick says

Ah, I noticed that your browser is making repeated requests for /apple-touch-icon.png, which does not exist on my server, and which count against your rate limit.

Why would a computer be making requests from your server of files that don't exist? That shouldn't happen without an explicit request from the user, should it?

@richwicks

Browsers are programmed to look for a standard file called /favicon.ico to put into browser tabs as a visual identifier, so I created one and put it in the right spot on my server:

https://patrick.net/favicon.ico

It seems that Apple wanted in on that game, but with "apple" in the URL as a kind of perverse advertising. So certain browsers are now making tons of requests for /apple-touch-icon.png, but I haven't created that one, and won't, because it refers to a specific corporation and their sleazy marketing.

It seems to be used for the same purpose that favicon.ico is.

Patrick says

It seems that Apple wanted in on that game, but with "apple" in the URL as a kind of perverse advertising. So certain browsers are now making tons of requests for /apple-touch-icon.png, but I haven't created that one, and won't, because it refers to a specific corporation and their sleazy marketing.

Everybody's sleazy.

Remember when Microsoft tried to take over the Internet Internet by bribing companies to use Microsoft IIS and then hobbling that to only work with IE? Facebook, Google, and Twitter HAVE managed to take over the Internet, with false promises.

@Patrick.

You can't always post links because of markups. I'm trying to post this link:

https://en.wikipedia.org/wiki/South_Africa_v.Israel(Genocide_Convention)

The underscores are being interpreted as a prompt to print in italics. Anything between even when I compose the link manually.

Is there a way where I can tell your site NOT to mess with what I type? So that underscore remains a literal underscore, and asterisk perhaps the same?

@richwicks Sorry about the parsing error.

I changed the regexps to require space before and after the underscore to do that. So now this should be linkified correctly:

https://en.wikipedia.org/wiki/South_Africa_v.Israel(Genocide_Convention)

Note that you can use html escape characters to prevent interpretation of underscore.

https://mateam.net/html-escape-characters/ says that the underscore escape is &#95

Shit, still did not linkify correctly. At least it didn't italicize.

I guess the parens are not in my list of url chars. Added them.

https://en.wikipedia.org/wiki/South_Africa_v.Israel(Genocide_Convention)

OK, now parens do not prevent linkification.

Implement something like community notes.

You either have stupid people here, or propagandists here, or AI bots pushing propaganda.

Tie posts down to scrutiny so claims can be determined true or false, and assess quality of sources. I'm tired of having the same arguments over and over again from liars, propagandists, and scumbags - maybe morons, but again, I have only met a handful of people in my ENTIRE LIFE who are actually "stupid".

If I'm wrong, well, thanks for pointing it out. I'm in the frustration where I am not told HOW I'm wrong, just that I somehow am. I don't believe them, I don't trust them.

I've dealt with people here who I spoke with for MONTHS explaining Ukraine was over-thrown, after MONTHS, they said just because Victoria Nuland picked out the government of Ukraine before their "revolution", it wasn't certain was a coup. Fuck you @"Mostly Reader" - how many dead? 300,000? 500,000? Propagandist scumbags are everywhere, including here. You're a small site, they are here.

personal

richwicks says

awaiting moderation

You gotta calm your ponies chief. I'm not moderating that comment. All I know is when you say "I know where you live" and "I will never use that against you. I won't harm you ever." Who the fuck thought they were going to get harmed by a website user??? Dude that's a veiled threat if I ever saw one.

Up to Pat about banning, but you're for sure crossing a line. We can give each other shit, but what I saw in moderation is trash. Not my site, but definitely not an adult comment is all I'll say. That's called seeing a brain doctor of some sort. Get some help dude. You're out of your element. You're wrong on a ton of stuff. It's okay. So am I. No need to call out that you know where people live. That's not remotely normal.

richwicks says

awaiting moderation

"He was just a fucking propagandist"

"OK Patrick, what vague Terms of Service did I violate now? Point them out."

@richwicks

Rule #1: "Site Rules 1. Do not deliberately insult the other users personally." from https://patrick.net/post/1277846/2015-02-09-an-antidote-to-corporate-media

You just keep on insulting other users personally.

Why do you do that?

Patrick says

You just keep on insulting other users personally.

Why do you do that?

Not going to talk about anyone directly. Because it's multiple users. Some of you cats beat a dead horse over and over and over. No one cares. If they did they'd address you and you'd just go back to the original bull shit you spewed out. Some of you are clearly not open to dialog even with actual proof you're wrong. It's extremely hard to have a conversation with some of you. No one here knows everything. Stop acting like you do. Grow up toddlers.

WookieMan says

Get some help dude

Yeah. I said that about a year or two ago to him as well. Seriously.

If someone is making veiled threats such as “I know where you live (red flags: why even bother trying to figure that out?) but I’ll never use it against youl.” it is apparent this person has already suggested that they have considered it a possibility. That is why I think this person is either mentally ill or a paid FED agitator. Either way the site owner has the right to ban such an individual to protect the safety and the discourse of free speech from malevolent actors. Someone who consistently insults other users, makes veiled threats or just simply spam posts and attempts to drown out other voices by the sheer volume and tone of their posts has actually impeded others ability to share ideas. To defend speech sometimes you have to take away a person’s megaphone so that the smaller voices can be heard.

Also if the owner of the site allows people to make repeated insults and veiled threats, it becomes questionable if others should find it safe or expedient to continue to contribute here themselves.

Please everyone do use the flag link to mark comments that are obviously personal.