@rancidrabbit It's not clear whether or not Meta is changing UserAgent strings - I've seen at least one admin saying he's not seeing that.
-
@rancidrabbit It's not clear whether or not Meta is changing UserAgent strings - I've seen at least one admin saying he's not seeing that. It's totally the kind of thing they'd do, but they get so much PR value out of being perceived as "good fedi citizens" that I don't know how they think of the tradeoffs.
here's a post from @cuchaz with some tools to set up firewall-level blocks - https://gladtech.social/@cuchaz/115004304985099620
-
@rancidrabbit It's not clear whether or not Meta is changing UserAgent strings - I've seen at least one admin saying he's not seeing that. It's totally the kind of thing they'd do, but they get so much PR value out of being perceived as "good fedi citizens" that I don't know how they think of the tradeoffs.
here's a post from @cuchaz with some tools to set up firewall-level blocks - https://gladtech.social/@cuchaz/115004304985099620
@thenexusofprivacy @cuchaz That may not be the right link....
-
@thenexusofprivacy @cuchaz That may not be the right link....
@thenexusofprivacy @cuchaz But I tracked down the AS num for Facebook and a tool that lists the netblocks in it and added deny rules for those to nginx.conf:
deny 57.144.0.0/14;
deny 129.134.0.0/17;
deny 157.240.0.0/17;
deny 163.70.128.0/17;
deny 157.240.192.0/18;
deny 31.13.64.0/18;
deny 173.252.64.0/19;
deny 173.252.96.0/19;
deny 31.13.96.0/19;
deny 69.171.224.0/19; -
@thenexusofprivacy @cuchaz But I tracked down the AS num for Facebook and a tool that lists the netblocks in it and added deny rules for those to nginx.conf:
deny 57.144.0.0/14;
deny 129.134.0.0/17;
deny 157.240.0.0/17;
deny 163.70.128.0/17;
deny 157.240.192.0/18;
deny 31.13.64.0/18;
deny 173.252.64.0/19;
deny 173.252.96.0/19;
deny 31.13.96.0/19;
deny 69.171.224.0/19;@thenexusofprivacy @cuchaz Just need those for all of these other scrappers. *sigh*
-
@thenexusofprivacy @cuchaz That may not be the right link....
@rancidrabbit oops, right you are, how embarassing. fixed now!
-
@thenexusofprivacy @cuchaz Just need those for all of these other scrappers. *sigh*
Yeah. In some ways Meta today is a relatively-easy case lolsob
-
@rancidrabbit It's not clear whether or not Meta is changing UserAgent strings - I've seen at least one admin saying he's not seeing that. It's totally the kind of thing they'd do, but they get so much PR value out of being perceived as "good fedi citizens" that I don't know how they think of the tradeoffs.
here's a post from @cuchaz with some tools to set up firewall-level blocks - https://gladtech.social/@cuchaz/115004304985099620
That would be great to know.
Probably this requires blocking at every possible level to be sure (eg. robots.txt, user agent, IP ranges...) And if some bots are using ActivityPub for scraping we could also block their HTTP signature public keys?
We've prototyped a system that builds on Bonfire's circles/boundaries to define and enforce blocks at the instance, user, and post levels. Would love feedback and suggestions to make it stronger!
-
That would be great to know.
Probably this requires blocking at every possible level to be sure (eg. robots.txt, user agent, IP ranges...) And if some bots are using ActivityPub for scraping we could also block their HTTP signature public keys?
We've prototyped a system that builds on Bonfire's circles/boundaries to define and enforce blocks at the instance, user, and post levels. Would love feedback and suggestions to make it stronger!
Interesting, would love to find more about the circiles/boundaries-based prototype, is anything written up on that (or is there a repo to check)?
Agreed about blocking all the different paths. For the HTTP signature public keys, does that give any stronger protection than instance blocking?
