It’s impossible, i got this instance to just see lemmy from my own instance, but no, it was slow as hell the whole week, i got new pods, put postgres on a different pod, pictrs on another, etc.
But it was slow as hell. I didn’t know what it was until a few hours before now. 500 GETs in a MINUTE by ClaudeBot and GPTBot, wth is this? why? I blocked the user agents, etc, using a blocking extension on NGINX and now it works.
WHY? So google can say that you should eat glass?
Life is now hell, if before at least someone could upload a website, now even that is painfull.
Sorry for the rant.
Patience, AI crash bubble burst will be soon.
🤞
Just cache. Read only traffic should add negligible load to your server. Or you’re doing something horribly wrong
They are 1 cpu and 1 gb of ram pods, postgres goes to 100% cpu on 500 requests per minute, after i put the NGINX extension, it reduced to at max 10%. On weaker servers, these bots make hell on earth, not the config.
Load should be near zero for reads.
If it’s hitting postgres it’s not hitting the cache. Do you have a caching reverse proxy in front of your web application?
I don’t have a cache, but the problem is solved now, i can browse lemmy haha.
The nginx instance you have in front of your app can perform caching and avoid hitting your app. The advantage is that it will improve performance even against the most stealthy of bots, including those that don’t even exist yet. The disadvantage is that the AI scum get what they want.
Oh, cool. I’m going to look at it!
If that doesn’t work for you, also look at varnish and squid.
You can either use Cloudflare(proprietary) or anubis (Foss)
Don’t do this
Why?
Because it harms marginalized folks’ ability to access content while also letting evil corp (and their fascist government) view (and modify) all encrypted communication with your site and its users.
It’s bad.
Cloudflare has pretty good protection against this, but I totally understand not wanting to use Cloudflare
You can enable
Private Instancein your admin settings, this will mean only logged in users can see content. This will prevent AI scrapers from slowing down your instance as all they’ll see is an empty homepage, so no DB calls. As long as you’re on 0.19.11, federation will still work.Same for Mbin.
Enabled, thanks for the tip!
Haha, just wait when you get ddosed by anonymous user agents. I have been there.
I’m talking 40k requests per 5 seconds.
Anubis + Nepenthes is the answer.
Article for whoever was unaware like me.
At some point they’re going to try to evade detection to continue scraping the web. The cat and mouse game continues except now the “pirates” are big tech.
They already do. (“They” meaning AI generally, I don’t know about Claude or ChatGPT’s bots specifically). There are a number of tools server admins can use to help deal with this.
See also:
https://zadzmo.org/ is dead already and arstechnica is writing about them so…
these solutions have the side effect of making the bots stay on your site longer and generate more traffic. it’s not for everyone.
Use Anubis. That’s pretty much the only thing you can do against bots that they have no way of circumventing.
Yeah, going to install it this week, but the nginx extension seemed to solve the issue.
Which extention are you using if I may ask?
