Codeberg

2 weeks ago

Codeberg
2 weeks ago

We apologize for a period of extreme slowness today. The army of AI crawlers just leveled up and hit us very badly.

The good news: We're keeping up with the additional load of new users moving to Codeberg. Welcome aboard, we're happy to have you here. After adjusting the AI crawler protections, performance significantly improved again.

FediVerseExplorer likes this.

in reply to Codeberg

Codeberg

in reply to Codeberg 2 weeks ago

It seems like the AI crawlers learned how to solve the Anubis challenges. Anubis is a tool hosted on our infrastructure that requires browsers to do some heavy computation before accessing Codeberg again. It really saved us tons of nerves over the past months, because it saved us from manually maintaining blocklists to having a working detection for "real browsers" and "AI crawlers".

in reply to Codeberg

Codeberg

in reply to Codeberg 2 weeks ago

However, we can confirm that at least Huawei networks now send the challenge responses and they actually do seem to take a few seconds to actually compute the answers. It looks plausible, so we assume that AI crawlers leveled up their computing power to emulate more of real browser behaviour to bypass the diversity of challenges that platform enabled to avoid the bot army.

in reply to Codeberg

Codeberg

in reply to Codeberg 2 weeks ago

We have a list of explicitly blocked IP ranges. However, a configuration oversight on our part only blocked these ranges on the "normal" routes. The "anubis-protected" routes didn't consider the challenge. It was not a problem while Anubis also protected from the crawlers on the other routes.

However, now that they managed to break through Anubis, there was nothing stopping these armies.

It took us a while to identify and fix the config issue, but we're safe again (for now).

in reply to Codeberg

Codeberg

in reply to Codeberg 2 weeks ago

For the load average auction, we offer these numbers from one of our physical servers. Who can offer more?

(It was not the "wildest" moment, but the only for which we have a screenshot)

Screenshot from htop system monitoring tool.
Load average: 5831.24 (and historical numbers: 4755.18 2710.22)
Tasks: 9537, 12566 thr ; 28 running
Uptime: 43 days, 04:50:20

in reply to Codeberg

Bradley Kuhn

in reply to Codeberg 2 weeks ago

😲🤬 re: what's happened to @Codeberg today.
The AI ballyhoo *is* a real DDoS against one of the few code hosting sites that takes a stand against slurping #FOSS code into LLM training sets — in violation of #copyleft.

Deregulation/lack-of-regulation will bring more of this. ∃ plenty of blame to go around, but #Microsoft & #GitHub deserve the bulk of it; they trailblazed the idea that FOSS code-hosting sites are lucrative targets.

giveupgithub.org

#GiveUpGitHub #FreeSoftware #OpenSource

Give Up GitHub - Software Freedom Conservancy

The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.

^{giveupgithub.org}

#FreeSoftware #foss #opensource #github #microsoft #copyleft #GiveUpGitHub @Codeberg

This entry was edited (2 weeks ago)

⇧

Codeberg

Codeberg 2 weeks ago • •

Codeberg

Codeberg

Codeberg

Codeberg

Bradley Kuhn

Give Up GitHub - Software Freedom Conservancy

Codeberg
2 weeks ago