Continued abuse

[jobbautista9]

I just had a weird thing happenj...

Looks like Styles were disabled.
Could have been you disabling in the browser, by various means, or maybe just a quirk in the board.
You can see what you screenshot shows by disabling Styles (in PM).

View | Page Styles -> No Style

I see. I've never disabled them myself, and I have no addon that does it either.
The same kind of thing has happened on a few sites before (4chan, anidb), but refreshing the page usually helped.
Hmm. I wonder why it happens by itself, and on specific sites.

Could be due to your network. Also if you've disabled HTTP/2, check if you have enabled aggressive pipelining. If you have that on, try disabling it.

[Gemmaugr]

I just had a weird thing happenj...

Looks like Styles were disabled.
Could have been you disabling in the browser, by various means, or maybe just a quirk in the board.
You can see what you screenshot shows by disabling Styles (in PM).

View | Page Styles -> No Style

I see. I've never disabled them myself, and I have no addon that does it either.
The same kind of thing has happened on a few sites before (4chan, anidb), but refreshing the page usually helped.
Hmm. I wonder why it happens by itself, and on specific sites.

Could be due to your network. Also if you've disabled HTTP/2, check if you have enabled aggressive pipelining. If you have that on, try disabling it.

HTTP/2 is enabled, and aggressive pipelining is false. Weirder and weirder. Not that it happens often enough to be an issue, it's just odd. Thanks for the suggestions though.

[frostknight]

Well at least anubis' time is very short when it appears on palemoon forums.

Some sites, it takes longer. lol. invidio instances for example...

[BenFenner]

I have a hunch. And it comes down to how phpBB works...

Do "guests" viewing the forum (users who are not logged in) produce and make use of a session/cookie (matched server-side by a DB table entry or file)?

Because if so, that can be all that is needed for heavy traffic to take down the site, especially if session cookies are backed by a file on the server's file system. (I don't think DB-backed sessions suffer the same problem.)
The server's session directory can fill with 10k+ files, and session-lookup can thrash the hell out of the file system at that point, returning mostly 500 errors.

If this is the case, (it's worth looking into IMO) maybe there is a way to turn off sessions for forum "guests".

I went through this with my own PHP forum software. I re-wrote the session logic entirely to no longer use a session for "guests". It was a lot of difficult and fiddly work, but conceptually simple since "guests" did not really need a session at all. It's just so common to do so...

I went from hourly rotational counts of 10-20k session files down to dozens or hundreds at most. And it completely solved the 500 errors and resource issues I was suddenly dealing with 8 months ago.

[Massacre]

Anubis is now in place with proper weighing. Most legitimate users should barely notice it's in place.

At least it does not crash the browser... For now.

[Moonchild]

Sessions are stored in the db; it's not really an issue. I could, however, look into making guest visits more restrictive with less administration so it's at least an idea to look at reducing load, but the bottom line simply remains it's abusive traffic hammering a low end VPS with many requests per second.

That being said, I have not seen issues when monitoring after anubis was put in place so I'm assuming it's being effective here to stop bad traffic.

[Night Wing]

Since I installed the newest version of MX Linux 25 (Infinity) Xfce, Annubis shows up for a split second of time and then disappears. After logging in to the Pale Moon Forum site with 64 bit linux Pale Moon (GTK2) 33.9.1 and staying logged in from then on, Annubis does not show at all the next time I visit this site.

[BenFenner]

Of course phpBB is going to have its limitations (as a translucent box), so putting another box in front of it can make some sense (Anubis or whatever).

By happenstance I came across another simple "box" that is on topic and might be worth some consideration:
Blocking poorly behaved scrapers without JavaScript

[gabrgv]

Looks like Anubis is preventing Newsraft from reading the feeds from this forum (e. g., the releases feed):

Code: Select all

  Errors of https://forum.palemoon.org/app.php/feed/forum/1
               
  XML parser failed: syntax error
  curl failed: Failed writing received data to disk/application, Failure writing output to destination
  The server which keeps the feed returned 200 status code!
  Feed update failed!

But Newsraft does reads the feeds from the repo.

[Moonchild]

Newsraft does reads the feeds from the repo.

the repo has special allowances for gitea RSS feeds.
I'll have to construct something specific for forum feeds to allow that.

EDIT: made a filter exception. see if this works for you.

[gabrgv]

EDIT: made a filter exception. see if this works for you.

Yes, it's working now. Thanks!

[Bilbo47]

Update seems to be blocking NewsFox as well. Can't find a setting in UI nor in repo docs about javascript.

[jobbautista9]

Update seems to be blocking NewsFox as well. Can't find a setting in UI nor in repo docs about javascript.

I think as a workaround you will have to let the browser solve the Anubis challenge first before having your RSS add-on read the feed. At least that's what I did for the built-in Live Bookmarks feature.

[Moonchild]

Update seems to be blocking NewsFox as well. Can't find a setting in UI nor in repo docs about javascript.

Hmm that shouldn't happen; I explicitly whitelisted the feed URLs so it should just allow the request unchallenged.
Can you show me what URL request is made by NewsFox?

[Bilbo47]

show me what URL request is made by NewsFox?

Can't find in the UI nor in DevTools where this is visible. Assume the request is based on what is defined in that feed. One of these works (Anubis "working" then "Oh noes!") and the other fails (Invalid feed URL). [Pasted from the exported opml file]

Code: Select all

xmlUrl="https://forum.palemoon.org/app.php/feed/forum/61" 
xmlUrl="https://forum.palemoon.org/feed.php?f=1" 

To fix the failure, also can't find in the forum pages a correct RSS URL. The pattern is clear but don't wanna hack.

[Moonchild]

Code: Select all

https://forum.palemoon.org/feed.php?f=1

Aha. I didn't think this format was used (and it does in fact forward to the expected request format /app.php/feed/forum/1)
I've added an exception for this format as well now; it should bypass the check and work.

One of these works (Anubis "working" then "Oh noes!") and the other fails (Invalid feed URL).

...actually, the Anubis "working" and "oh noes" is not expected on feed URLs. So that one actually didn't work.
Not sure why you'd get an invalid feed URL unless you're trying to request a non-accessible/non-existent feed.

[Bilbo47]

Anubis "working" and "oh noes" is not expected on feed URLs.
Not sure why you'd get an invalid feed URL unless you're trying to request a non-accessible/non-existent feed.

Cool; so today both feeds flash "Making sure you're not a bot" then end on "Oh noes".
Under Tools => Preferences -> Content => Javascript, both checkboxes are set to On. Anything else I can check?

[Moonchild]

Cool; so today both feeds flash "Making sure you're not a bot" then end on "Oh noes".

That is entirely opposite to what should happen. I checked with a clean slate and the feed URLs work as-expected for me, without anubis interfering. So I don't know what's going on for you.
If possible please show me the full HTTP request headers; possibly some other bot checking rule is triggered.

[Gemmaugr]

Have Anubis been set to very aggressive/protective mode recently?

Today Anubis wanted to check me every time I opened a new unread forum and topic/thread. Happened like 5-7times in a row (they only take 1 sec tops though).
On and off I also still get that No Page Style jank, and have to reload the site 5 times to get everything to show as normal (this takes 3 sec per reload).

Neither is a huge issue, but they're weird, and multiplying, heh.

If it helps against bots, I'm fine with it. I'm just saying is all.

[Moonchild]

Nothing has changed today.