Results of the last rowocaust (deleting remote like/react activities since they're recorded elsewhere): 21% table row count decrease, about 10% total DB size decrease.
I'd act surprised it hasn't frozen yet, but apparently the issue is completely man-made, that being chomos attempting to DoS instances. Screenshot_20240817_134526.png
@chris9x @phnt Those activities aren't even targeted towards my relay, it has cannibal.cafe's relay (which I think shouldn't exist anyway since ackoma disables them by default) in recipients. Still I find it hard to believe it's collateral damage, youjo shouldn't have a relay for the same reasons and even if it was, why the fuck would I subscribe to it. It appears shenanigans began at 08:20:52 UTC and stopped at 09:45:42, somewhere halfway through useragent switched from "I hope you are feeling better" to "curl/8.9.1". ips.txt
@phnt @chris9x Apparently youjo is still up and other nonces just put it to hosts to federate. I have the same theory, maybe whatever HTTP library he used follows redirects by default, and the pedo tried to play hot potato with me.
@chris9x @phnt Oh, requests with curl useragent went to /relay/inbox/ (note the slash) and didn't have a valid-looking signature in the header, which made all of them return 400. The other useragent was sending them to /relay/inbox, all with the same header with valid structure. Might've been the work of two, albeit from the same IP range.
@phnt @chris9x @mint @threat No protections around outbound requests, so "fetch the key to verify the sig" and the race before the key is fetched (no locking) means your server makes N simultaneous outbound requests to get that file.
@p @phnt @chris9x @threat Also, latest Pleroma doesn't do any synchronous key fetching upon request, instead queuing them up in Oban, so there's not going to be any full pipe oversaturation.
@mint @chris9x @p @phnt if the matter is object size, isn't there a way in pleroma to reject >(x) object size? maybe i don't understand the context in this one.
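
The race described in the thread (many signed deliveries arriving before the signing key is cached, each starting its own outbound key fetch) can be closed by coalescing concurrent fetches per key ID. The sketch below is an added example, not part of any post above and not Pleroma's code; `SingleFlightKeyCache`, `simulate`, the key URL and the stand-in fetcher are assumptions made for illustration.

```python
import threading
import time
from concurrent.futures import Future, ThreadPoolExecutor

KEY_ID = "https://remote.example/users/a#main-key"  # constructed sample key ID

class SingleFlightKeyCache:
    """Coalesce concurrent fetches of one key ID into a single outbound request."""
    def __init__(self, fetch):
        self._fetch = fetch      # hypothetical callable: key_id -> key material
        self._lock = threading.Lock()
        self._cache = {}         # key_id -> fetched key
        self._inflight = {}      # key_id -> Future owned by the fetching thread

    def get(self, key_id):
        with self._lock:
            if key_id in self._cache:
                return self._cache[key_id]
            fut = self._inflight.get(key_id)
            leader = fut is None
            if leader:           # first caller claims the fetch under the lock
                fut = self._inflight[key_id] = Future()
        if not leader:
            return fut.result()  # followers wait; no second outbound request
        try:
            key = self._fetch(key_id)
        except Exception as exc:
            with self._lock:
                del self._inflight[key_id]   # failures are not cached here
            fut.set_exception(exc)
            raise
        with self._lock:
            self._cache[key_id] = key
            del self._inflight[key_id]
        fut.set_result(key)
        return key

def simulate(n_requests, coalesce):
    """Deliver n_requests signed activities at once; return (outbound fetches, keys)."""
    calls = []
    def slow_fetch(key_id):      # stands in for the HTTP GET of the actor's key
        calls.append(key_id)     # list.append is atomic in CPython
        time.sleep(0.2)          # keeps the fetch in flight while others arrive
        return "key-for-" + key_id
    resolve = SingleFlightKeyCache(slow_fetch).get if coalesce else slow_fetch
    with ThreadPoolExecutor(max_workers=n_requests) as pool:
        keys = list(pool.map(resolve, [KEY_ID] * n_requests))
    return len(calls), keys
```

`simulate(20, coalesce=False)` makes 20 outbound fetches for the one key, while `simulate(20, coalesce=True)` makes 1 and hands the same key to all 20 callers. A production version would also bound how often a failed fetch is retried.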