spam?
!Friendica Support
Is this good for me? Don't feel like.
Is this good for me? Don't feel like.
> select count(*) from gserver where url LIKE '%troll.cf%';
+----------+
| count(*) |
+----------+
| 13837755 |
+----------+
1 row in set (1 min 20.495 sec)
| 172846 | https://30m1uebec.activitypub-troll.cf | http://30m1uebec.activitypub-troll.cf | | | | 0 | 0 | | | unkn | | 0 | | 2022-12-03 19:51:17 | 0001-01-01 00:00:00 | 2023-01-03 20:01:25 | 0001-01-01 00:00:00 | 0 | 0 | 0 | 2023-02-03 20:01:25 | NULL | NULL | NULL | NULL | NULL | NULL |
| 172847 | https://1ml1up799.activitypub-troll.cf | http://1ml1up799.activitypub-troll.cf | | | | 0 | 0 | | | unkn | | 0 | | 2022-12-03 19:51:18 | 0001-01-01 00:00:00 | 2023-01-03 20:01:26 | 0001-01-01 00:00:00 | 0 | 0 | 0 | 2023-02-03 20:01:26 | NULL | NULL | NULL | NULL | NULL | NULL |
| 172848 | https://2ckkegfqs.activitypub-troll.cf | http://2ckkegfqs.activitypub-troll.cf | | | | 0 | 0 | | | unkn | | 0 | | 2022-12-03 19:51:20 | 0001-01-01 00:00:00 | 2023-01-03 20:01:28 | 0001-01-01 00:00:00 | 0 | 0 | 0 | 2023-02-03 20:01:28 | NULL | NULL | NULL | NULL | NULL | NULL |
| 172849 | https://q2g4bs0i.activitypub-troll.cf | http://q2g4bs0i.activitypub-troll.cf | | | | 0 | 0 | | | unkn | | 0 | | 2022-12-03 19:51:21 | 0001-01-01 00:00:00 | 2023-01-03 20:01:28 | 0001-01-01 00:00:00 | 0 | 0 | 0 | 2023-02-03 20:01:28 | NULL | NULL | NULL | NULL | NULL | NULL |
This entry was edited (1 year ago)
Anders Rytter Hansen likes this.
Jonas ✅
in reply to grin • • •Content warning: spam?
Yes, I had the same problem. Just block the domain.
If your instance crashes because of too many database entries block the subdomains in chunks: https://github.com/friendica/friendica/issues/12729#issue-1556556319
@Friendica Support
Prevention of automatic flooding of the worker queue by using fake requests · Issue #12729 · friendica/friendica
GitHubLorenz
in reply to grin • •Friendica Support reshared this.
Jonas ✅
in reply to Lorenz • • •Friendica Support reshared this.
Lorenz
in reply to grin • •bin/console serverblock add *.activitypub-troll.cf spam
Friendica Support reshared this.
grin
in reply to Lorenz • • •Friendica Support reshared this.
Lorenz
in reply to grin • •Friendica Support reshared this.
grin
in reply to Lorenz • • •Friendica Support reshared this.
Lorenz
in reply to grin • •Friendica Support reshared this.
Lorenz
in reply to grin • •like this
Jonas ✅ and grin like this.
Friendica Support reshared this.
Lorenz
Unknown parent • •Query OK, 13779424 rows affected (1 hour 16 min 19.826 sec)
Friendica Support reshared this.
Anders Rytter Hansen
in reply to grin • • •Friendica Support reshared this.
Lorenz
Unknown parent • •Friendica Support reshared this.
Lorenz
Unknown parent • •Friendica Support reshared this.
Lorenz
Unknown parent • •Friendica Support reshared this.
Nordnick :verified:
in reply to Lorenz • • •I guess, you are aware of the EXPLAIN command?
Friendica Support reshared this.
Lorenz
in reply to grin • •grin likes this.
Friendica Support reshared this.
grin
in reply to Lorenz • • •Lorenz
Unknown parent • •Friendica Support reshared this.
Lorenz
Unknown parent • •OPTIMIZE TABLE gserver;
and it deleted more than 3GB!Anders Rytter Hansen likes this.
Friendica Support reshared this.
Anders Rytter Hansen
Unknown parent • • •Friendica Support reshared this.
grin
in reply to grin • • •grin
in reply to Lorenz • • •grin
Unknown parent • • •Correction: after removing (better) optimize started, and recreated in a flash. Thanks!
grin
Unknown parent • • •grin
in reply to grin • • •Since then worker doesn't pull in spambots again.
Now, it would be neat to know:
1. What exatly happened (I don't know the protocol that deeply)
2. Who did what
3. How to prevent that from happening in the future (both network-wise and locally)
#spambot #spam
reshared this
Friendica Support, grin and grin reshared this.
grin
in reply to grin • • •I am not sure I'll ever grok how this is supposed to work, who gets notified when and who see what where how.
Friendica Support reshared this.
Roland Häder
in reply to grin • • •sbcloud.cc
is runningelement
. I guess this isn't federating?grin
Unknown parent • • •Friendica Support reshared this.
Lorenz
in reply to grin • •Friendica Support reshared this.
grin
Unknown parent • • •Friendica Support reshared this.
grin
Unknown parent • • •But anyway, stopped spam for me, you're free to do whatever you deem proper, including looking at the dns when the AP networks get abused. :shrug:
I wish there were useful logs: those would be better for abuse management than... dns.
Friendica Support reshared this.
Lorenz
in reply to grin • •UPDATE: I run
OPTIMIZE TABLE gserver;
- and now, wow! the table is nearly empty, just 31 MB, and now it seems I did not have to upgrade my VPS!Friendica Support reshared this.
Lorenz
Unknown parent • •I am surprised to hear that the avatar is not showing. What can be the reason? What can I do?
Friendica Support reshared this.
Lorenz
Unknown parent • •Friendica Support reshared this.
Lorenz
Unknown parent • •Friendica Support reshared this.
Lorenz
Unknown parent • •Seems to be on your end then?
Friendica Support reshared this.
Lorenz
in reply to grin • •more than 9GB freed up!
Friendica Support reshared this.
Raroun
in reply to grin • • •86k server from *.gab.best.
select count(*) from gserver where url LIKE '%troll.cf%' OR `url` LIKE '%gab.best%';
+----------+
| 86378 |
+----------+
DELETE FROM `gserver` WHERE `url` LIKE '%activitypub-troll.cf%' OR `url` LIKE '%gab.best%';
Query OK, 86378 rows affected (1.143 sec)
Changed Block pattern from gab.best to *.gab.best.
Obiviously i missed the wildcard.
grin likes this.
Friendica Support reshared this.
Lorenz
in reply to Raroun • •so within one week the result:
Friendica Support reshared this.
OldKid
in reply to Lorenz • • •@Roland Häder if I remember correctly your fix was added to the 2023.03-rc branch. The instance of @Lorenz runs on 2023.01, so still without the fix.
Friendica Support reshared this.
Lorenz
in reply to OldKid • •Alright, I will upgrade to the RC the coming days, then. Thanks!
@Roland Häder @Friendica Support
Friendica Support reshared this.
Lorenz
in reply to grin • •Friendica Support reshared this.
Raroun
in reply to grin • • •The pull request is marked in the 2023-03 Milestone, so I guess its in the actual RC and later in 2023-03-stable.
Link to pull request #12700
Blocked domains flood gserver entries by Quix0r · Pull Request #12700 · friendica/friendica
GitHublike this
OldKid and Lorenz like this.
Friendica Support reshared this.