Page 2 of 2
Re: DDOS Attacks / AI botfarm overload
Posted: Wed Jul 23, 2025 1:20 pm
by davefiddes
Glad to see you deployed Anubis. It's made the forum and wiki so much snappier than any time I can remember. Thanks!
It's an arms race. I hope the bad guys take a long time to find a way round.
Re: DDOS Attacks / AI botfarm overload
Posted: Wed Jul 23, 2025 3:36 pm
by johu
Yeah I hope so too!
Also the spam via the shops inquiry form has magically stopped as well
Unfortunately kevpatts is no longer able to log in no matter which browser he tries:
Re: DDOS Attacks / AI botfarm overload
Posted: Thu Jul 24, 2025 12:44 pm
by Bigpie
johu wrote: ↑Wed Jul 23, 2025 3:36 pm
Yeah I hope so too!
Also the spam via the shops inquiry form has magically stopped as well
Unfortunately kevpatts is no longer able to log in no matter which browser he tries:
image.png
I've been contacted by someone else having this issue too, it's only once logged in, at least in their case.
Re: DDOS Attacks / AI botfarm overload
Posted: Thu Jul 24, 2025 6:28 pm
by johu
Maybe this?
https://www.phpbb.com/community/viewtopic.php?t=2629811
The forum is actually running on localhost now and is proxied to the outside world with nginx reverse proxy
Re: DDOS Attacks / AI botfarm overload
Posted: Fri Jul 25, 2025 12:04 pm
by tom91
Something weird is reported
https://www.diyelectriccar.com/threads/ ... st-1134893
Possibly related to the changes made
Re: DDOS Attacks / AI botfarm overload
Posted: Sat Jul 26, 2025 1:37 pm
by dcaawdiz
johu wrote: ↑Sun Jul 20, 2025 3:38 pm
Lets see if there are adverse effects, i.e. TOR users no longer able to access the site or so
EDIT: tested. Still works over Tor
I registered here to just say thanks for taking care tor not block the free internet.
Its great to see using Anubis instead of something centralized and closed source like Cloud-flare.
Re: DDOS Attacks / AI botfarm overload
Posted: Sat Jul 26, 2025 4:06 pm
by johu
Very welcome!
In case you have trouble logging in try going via
https://openinverter.org:8444/forum/
Re: DDOS Attacks / AI botfarm overload
Posted: Tue Aug 05, 2025 11:10 am
by davefiddes
I'm seeing a lot of long delays on email thread notifications. The problem seems to be coincident with the DDOS mitigation changes. The delay is something like 17.5 hours. Most emails seem to come through eventually.
My reading of the headers is that the delay is entirely within the openinverter server and don't relate to delivery:
Code: Select all
...
Authentication-Results: mailhub-cam-d.mythic-beasts.com;
spf=pass smtp.mailfrom=masterle.net;
dkim=pass header.d=johanneshuebner.com header.s=20210203-johanneshuebner.com header.a=rsa-sha256
Received: from [2a01:4f8:121:3a7::2] (port=36939 helo=zdw.masterle.net)
by mailhub-cam-d.mythic-beasts.com with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.96)
(envelope-from <www-data@masterle.net>)
id 1ujF1h-002PbB-0M
for d.j@fiddes.net;
Tue, 05 Aug 2025 11:36:13 +0100
Received: from localhost (localhost [127.0.0.1])
by zdw.masterle.net (Postfix) with ESMTP id 8A9AA8429F4
for <d.j@fiddes.net>; Tue, 5 Aug 2025 12:36:12 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at masterle.net
Received: from zdw.masterle.net ([127.0.0.1])
by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id wG2m9eFg6GSs for <d.j@fiddes.net>;
Tue, 5 Aug 2025 12:36:11 +0200 (CEST)
Received: by zdw.masterle.net (Postfix, from userid 33)
id 052E9842C5B; Tue, 5 Aug 2025 12:36:07 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=johanneshuebner.com;
s=20210203-johanneshuebner.com; t=1754390168;
bh=2zQjArAj9BE31DDeZGSY044D7HyFOAg2zjWriaYS+FQ=;
h=To:Subject:From:Reply-To:Date:List-Unsubscribe:From;
b=ECGWPaxIY6HSTA9qmJIuv1qyjh7BxpOTYWZ7ZDTuHMLO8AKcAwoIITNNNFo/qTb2B
qghIBL31GwRoXVorqSG2ovwAlqNmoF5jRV+CrGu3F7SmHqJVdhts+Xv3iYaHOZ6N34
fXPGdYnsAEHFXc1Plu8pE6UhLKlsMCuPwJ5Srwf3nSOFLGVT0eb9TCI6nZUpiYvexi
nblWTVTphJMkTZdEvhFatQn7oyfVRRkZ7FQEUCshuX/9QxDZZlY1GFBkuFMxsyUSAh
ukD61I9w8EUwqBMVdIlsqL0l/xS2MUSDtDtwbIeqjk6BucuiaW3s7s3ft4nlBNxdVo
2dfc+q47OgWGg==
To: =?US-ASCII?Q?davefiddes?= <d.j@fiddes.net>
Subject: =?US-ASCII?Q?Reply=20in=20=22Tesla=20Model=203=20Rear=20Dr?= =?US-ASCII?Q?ive=20Unit=20Hacking=22?=
From: <dev@johanneshuebner.com>
Reply-To: <dev@johanneshuebner.com>
Sender: <dev@johanneshuebner.com>
MIME-Version: 1.0
Message-ID: <faf908935f2b103c2316bfb3285ca433@openinverter.org>
Date: Mon, 04 Aug 2025 19:08:41 +0200
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: phpBB3
X-MimeOLE: phpBB3
X-phpBB-Origin: phpbb://openinverter.org/forum
List-Unsubscribe: <https://openinverter.org/forum/viewtopic.php?uid=1275&t=575&unwatch=topic>
...
Re: DDOS Attacks / AI botfarm overload
Posted: Mon Aug 11, 2025 11:37 am
by JaniK2
I was trying to log in this summer for few time and it didn't work, it just went to error page saying: tried to redirect to unsecure url?
I tried at work pc that i have never used to visit openinverter.org and same error.
Made a new account. Worked first time.
Maybe I havent logged in during 2025 and got disabled.
My account has been going to this page for some time, and now I made new account and it just works.
johu wrote: ↑Wed Jul 23, 2025 3:36 pm
Yeah I hope so too!
Also the spam via the shops inquiry form has magically stopped as well
Unfortunately kevpatts is no longer able to log in no matter which browser he tries:
image.png
Re: DDOS Attacks / AI botfarm overload
Posted: Mon Aug 11, 2025 5:41 pm
by johu
Yes I did prune accounts that never posted and weren't active in 2025.
Others had the login issue as well, I set up and unproxied instance at
https://openinverter.org:8444/forum/
When having trouble it's worthwhile to log in there then go back to the standard URL
Re: DDOS Attacks / AI botfarm overload
Posted: Tue Aug 12, 2025 10:11 am
by JaniK
johu wrote: ↑Mon Aug 11, 2025 5:41 pm
Yes I did prune accounts that never posted and weren't active in 2025.
Others had the login issue as well, I set up and unproxied instance at https://openinverter.org:8443/forum/
When having trouble it's worthwhile to log in there then go back to the standard URL
This actually worked! How did I miss that.
Thanks Johu
Re: DDOS Attacks / AI botfarm overload
Posted: Thu Aug 14, 2025 1:39 am
by rsiddall3576
Just realized I stopped getting updates from the forum's RSS feed on July 15. I get a 404 error from Nginx on
app.php/feed, but it works on port 8443. I had to use port 8443 to log in. Updated my feed reader to use port 8443.
Re: DDOS Attacks / AI botfarm overload
Posted: Mon Aug 18, 2025 4:09 pm
by johu
rsiddall3576 wrote: ↑Thu Aug 14, 2025 1:39 am
Just realized I stopped getting updates from the forum's RSS feed on July 15. I get a 404 error from Nginx on
app.php/feed, but it works on port 8443. I had to use port 8443 to log in. Updated my feed reader to use port 8443.
That and other issues with app.php should now be fixed
Re: DDOS Attacks / AI botfarm overload
Posted: Sun Sep 14, 2025 12:23 am
by skr
Re: DDOS Attacks / AI botfarm overload
Posted: Wed Oct 22, 2025 5:46 pm
by johu
I have changed the "emergency port" to 8444 as I got too much traffic again. Please DO NOT use this for anything productive such as:
rsiddall3576 wrote: ↑Thu Aug 14, 2025 1:39 am
Just realized I stopped getting updates from the forum's RSS feed on July 15. I get a 404 error from Nginx on app.php/feed, but it works on port 8443. I had to use port 8443 to log in. Updated my feed reader to use port 8443.
Only log in there once, then change back to the regular site!
Re: DDOS Attacks / AI botfarm overload
Posted: Fri Nov 07, 2025 8:29 am
by MattsAwesomeStuff
Johannes - A few people having trouble logging in here, probably who haven't logged in in a while:
https://www.diyelectriccar.com/posts/1137185/
Also, umm, probably 6 or 7 years too late, but, expect the remainder of community that transfered here from DIY EC back when you founded the forums to make that transition in the next while. The corporate masters decided to start forcing AI spambots to "simulate human interaction", give fake "likes" and flag posts as "helpful", etc. This in addition to automatically mis-labeled all pictures with AI-analyzed alt tags. In a bit of theatrics, I said if they were being forced on us, they'd be forcing our hand too and they could run the forums themselves. Their answer was to pull my admin powers (I'm the last active admin) and double down on the AI. Aside from 1 odd duck, the rest of the community seems ready to walk away. It's been overdue a long time, I stuck around for years hoping I could eventually shame them into restoring the backup of the old Garage and lost posts, but they admitted it had been deleted.
Re: DDOS Attacks / AI botfarm overload
Posted: Fri Nov 07, 2025 5:31 pm
by johu
Yeah I still get regular emails where people have trouble logging in and can't even read the solution here. But we need this firewall to avoid bots overloading the server. None of the logdata I have been sent so far (thanks btw) really revealed the root cause.
Today I got the first email where someone could log in on their phone but not on the laptop. So it's not tied to the username or country.
As tried before it is also not down to Anubis itself but caused by the reverse proxy structure needed by Anubis. Even with Anubis taken out the issue persists.
Re: DDOS Attacks / AI botfarm overload
Posted: Sat Nov 08, 2025 6:02 am
by MattsAwesomeStuff
johu wrote: ↑Fri Nov 07, 2025 5:31 pmYeah I still get regular emails where people have trouble logging in and can't even read the solution here. But we need this firewall to avoid bots overloading the server. None of the logdata I have been sent so far (thanks btw) really revealed the root cause.
Dumb it down for me, is there a specific solution for people to try, or is this still an actively troubleshooted thing and we don't know why? If it's being troubleshot, what procedure can I give people to follow that will be helpful to you?
And/or post on that thread on DIY EC yourself if you'd like, as I'm likely to distort the information.
Re: DDOS Attacks / AI botfarm overload
Posted: Sat Nov 08, 2025 7:42 am
by johu
Check the opening post of this thread
Currently on my phone, hope that helps
Re: DDOS Attacks / AI botfarm overload
Posted: Sat Nov 08, 2025 9:50 am
by johu
MattsAwesomeStuff wrote: ↑Sat Nov 08, 2025 6:02 am
If it's being troubleshot, what procedure can I give people to follow that will be helpful to you?
Before trying the 8444 workaround people could document what they
- can they access the wiki? openinverter.org/wiki
- can they access the shop? openinverter.org/shop
- can they access a direct link to a topic? e.g.
https://openinverter.org/forum/viewtopic.php?t=6368
I have played with some server settings but since I can't reproduce the problem I can't check if I improved it. Also installed some extensions specifically targeting reverse proxies but one did nothing at all and the other crashed the board.
Re: DDOS Attacks / AI botfarm overload
Posted: Sat Nov 22, 2025 11:36 pm
by eee291
I had this issue a few weeks ago and yes to the first two and no to the last one if I had the cookies from when tried to log in. When I cleared cookies I could view posts. But as soon as I wanted to log in every post was just a blank page. Wiki and shop were visible.
