coming from the same IPs is the opposite of a DDoS, and the easiest thing to mitigate if the offendoor cannot be contacted to ask if they can please fix their stuff.
I meant DoS, not necessarily DDoS.
I'll allow it 😅🕊️
nostr:nprofile1qqs8hhhhhc3dmrje73squpz255ape7t448w86f7ltqemca7m0p99spgpzemhxue69uhkzat5dqhxummnw3erztnrdakj7qgmwaehxw309a3ksun0de5kxmr99ej8gmmwdahzucm0d5hszrnhwden5te0dehhxtnvdakz7x5lq8z
I'll try to comment here since fiatjaf has probably muted me (or at least unfollowed and stopped replying 🤷♂️).
I see that njump.me is using Cloudflare, and for the event renderer `cache-control: max-age=604800` is in place. But when looking at the response headers, I’m still getting lots of cache misses, with Cloudflare hitting the njump.me Caddy instance. Maybe add some generous `s-maxage` and `immutable` headers so Cloudflare can handle most of the load for all immutable events.
For the replaceable ones, it may be worth computing a quick ETag or at least setting `Last-Modified` headers. This would offload some of the legitimate pressure to Cloudflare and make it easier to identify misbehaving clients or potentially malicious script kiddies trying to bypass the cache.
I did something like this for Khatru's Blossom server, and things went from saturating a 2.5 Gbps link on a personal relay to manageable quite quickly.
https://github.com/fiatjaf/njump/blob/d9eae440c719300c6ad08092fe4a446f90245af4/render_event.go#L300
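The header scheme suggested in the comment above, sketched as an added example (not njump's or Khatru's code). The `Event` type, the function names and every TTL except the `max-age=604800` quoted above are assumptions, and the replaceable-kind ranges are taken from NIP-01.

```go
package main

import (
	"fmt"
	"net/http"
	"time"
)

// Event holds only the fields needed to pick cache headers (hypothetical type).
type Event struct {
	ID        string
	Kind      int
	CreatedAt int64
}

// isReplaceable uses the NIP-01 kind ranges for replaceable and addressable events.
func isReplaceable(kind int) bool {
	return kind == 0 || kind == 3 || (kind >= 10000 && kind < 20000) || (kind >= 30000 && kind < 40000)
}

// cachePolicy returns the response headers and status code for an event page.
func cachePolicy(ev Event, ifNoneMatch string) (http.Header, int) {
	h := http.Header{}
	if !isReplaceable(ev.Kind) {
		// Content behind an event id never changes: let the CDN keep it (s-maxage is an assumed value).
		h.Set("Cache-Control", "public, max-age=604800, s-maxage=31536000, immutable")
		return h, http.StatusOK
	}
	// A replacement carries a new id, so the id of the current version works as a validator.
	etag := `"` + ev.ID + `"`
	h.Set("ETag", etag)
	h.Set("Last-Modified", time.Unix(ev.CreatedAt, 0).UTC().Format(http.TimeFormat))
	h.Set("Cache-Control", "public, max-age=60, s-maxage=300") // assumed short TTLs
	// Simplified exact match; a full handler would also parse lists and weak (W/) tags.
	if ifNoneMatch == etag {
		return h, http.StatusNotModified
	}
	return h, http.StatusOK
}

func main() {
	ev := Event{ID: "aa11", Kind: 0, CreatedAt: 1700000000} // constructed sample event
	h, status := cachePolicy(ev, `"aa11"`)
	fmt.Println(status, h.Get("ETag"), h.Get("Last-Modified"))
}
```

With validators in place, a revalidation costs the origin a 304 with no body, and clients that keep forcing full renders of the same event stand out in the origin logs.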