cgspace-notes/docs/2024-11/index.html

230 lines
7.2 KiB
HTML
Raw Permalink Normal View History

2024-11-19 08:40:23 +01:00
<!DOCTYPE html>
<html lang="en" >
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta property="og:title" content="November, 2024" />
<meta property="og:description" content="2024-11-11
Some IP in India is making tons of requests this morning with a normal user agent:
# awk &#39;{print $1}&#39; /var/log/nginx/api-access.log | sort | uniq -c | sort -h | tail -n 40
...
513743 49.207.196.249
" />
<meta property="og:type" content="article" />
<meta property="og:url" content="https://alanorth.github.io/cgspace-notes/2024-11/" />
<meta property="article:published_time" content="2024-11-11T09:47:00+03:00" />
2024-12-04 14:27:49 +01:00
<meta property="article:modified_time" content="2024-11-19T10:40:23+03:00" />
2024-11-19 08:40:23 +01:00
<meta name="twitter:card" content="summary"/>
<meta name="twitter:title" content="November, 2024"/>
<meta name="twitter:description" content="2024-11-11
Some IP in India is making tons of requests this morning with a normal user agent:
# awk &#39;{print $1}&#39; /var/log/nginx/api-access.log | sort | uniq -c | sort -h | tail -n 40
...
513743 49.207.196.249
"/>
<meta name="generator" content="Hugo 0.133.1">
<script type="application/ld+json">
{
"@context": "http://schema.org",
"@type": "BlogPosting",
"headline": "November, 2024",
"url": "https://alanorth.github.io/cgspace-notes/2024-11/",
"wordCount": "229",
"datePublished": "2024-11-11T09:47:00+03:00",
2024-12-04 14:27:49 +01:00
"dateModified": "2024-11-19T10:40:23+03:00",
2024-11-19 08:40:23 +01:00
"author": {
"@type": "Person",
"name": "Alan Orth"
},
"keywords": "Notes"
}
</script>
<link rel="canonical" href="https://alanorth.github.io/cgspace-notes/2024-11/">
<title>November, 2024 | CGSpace Notes</title>
<!-- combined, minified CSS -->
<link href="https://alanorth.github.io/cgspace-notes/css/style.c6ba80bc50669557645abe05f86b73cc5af84408ed20f1551a267bc19ece8228.css" rel="stylesheet" integrity="sha256-xrqAvFBmlVdkWr4F&#43;GtzzFr4RAjtIPFVGiZ7wZ7Ogig=" crossorigin="anonymous">
<!-- minified Font Awesome for SVG icons -->
<script defer src="https://alanorth.github.io/cgspace-notes/js/fontawesome.min.f5072c55a0721857184db93a50561d7dc13975b4de2e19db7f81eb5f3fa57270.js" integrity="sha256-9QcsVaByGFcYTbk6UFYdfcE5dbTeLhnbf4HrXz&#43;lcnA=" crossorigin="anonymous"></script>
<!-- RSS 2.0 feed -->
</head>
<body>
<div class="blog-masthead">
<div class="container">
<nav class="nav blog-nav">
<a class="nav-link " href="https://alanorth.github.io/cgspace-notes/">Home</a>
</nav>
</div>
</div>
<header class="blog-header">
<div class="container">
<h1 class="blog-title" dir="auto"><a href="https://alanorth.github.io/cgspace-notes/" rel="home">CGSpace Notes</a></h1>
<p class="lead blog-description" dir="auto">Documenting day-to-day work on the <a href="https://cgspace.cgiar.org">CGSpace</a> repository.</p>
</div>
</header>
<div class="container">
<div class="row">
<div class="col-sm-8 blog-main">
<article class="blog-post">
<header>
<h2 class="blog-post-title" dir="auto"><a href="https://alanorth.github.io/cgspace-notes/2024-11/">November, 2024</a></h2>
<p class="blog-post-meta">
<time datetime="2024-11-11T09:47:00+03:00">Mon Nov 11, 2024</time>
in
<span class="fas fa-folder" aria-hidden="true"></span>&nbsp;<a href="/categories/notes/" rel="category tag">Notes</a>
</p>
</header>
<h2 id="2024-11-11">2024-11-11</h2>
<ul>
<li>Some IP in India is making tons of requests this morning with a normal user agent:</li>
</ul>
<div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-console" data-lang="console"><span style="display:flex;"><span># awk <span style="color:#e6db74">&#39;{print $1}&#39;</span> /var/log/nginx/api-access.log | sort | uniq -c | sort -h | tail -n <span style="color:#ae81ff">40</span>
</span></span><span style="display:flex;"><span>...
</span></span><span style="display:flex;"><span>513743 49.207.196.249
</span></span></code></pre></div><ul>
<li>They are using this user agent:</li>
</ul>
<pre tabindex="0"><code>Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.3
</code></pre><h2 id="2024-11-16">2024-11-16</h2>
<ul>
<li>I switched CGSpace to Node.js v20 since I&rsquo;ve been using it in dev and test for months</li>
</ul>
<h2 id="2024-11-18">2024-11-18</h2>
<ul>
<li>I see a bot (188.34.177.10) on Hetzner has made 35,000 requests this morning and is pretending to be Googlebot, GoogleOther, etc
<ul>
<li>Google publishes their range of IPs also: <a href="https://developers.google.com/search/docs/crawling-indexing/verifying-googlebot">https://developers.google.com/search/docs/crawling-indexing/verifying-googlebot</a></li>
<li>Our nginx config doesn&rsquo;t rate limit the API but perhaps that needs to change&hellip;</li>
<li>In DSpace 4/5/6 the API was separate from the user interface so we didn&rsquo;t need to enforce rate limits there because we encouraged using that over scraping the UI</li>
<li>In DSpace 7 the API is used by the frontend and perhaps should have the same IP- and UA-based rate limiting</li>
</ul>
</li>
</ul>
<h2 id="2024-11-19">2024-11-19</h2>
<ul>
<li>I notice 10,000 requests by a new bot yesterday:</li>
</ul>
<pre tabindex="0"><code>20.38.174.208 - - [18/Nov/2024:07:02:50 +0100] &#34;GET /server/oai/request?verb=ListRecords&amp;resumptionToken=oai_dc%2F2024-10-18T13%3A00%3A49Z%2F%2F%2F400 HTTP/1.1&#34; 503 190 &#34;-&#34; &#34;Laminas_Http_Client&#34;
</code></pre><ul>
<li>Seems to be some kind of PHP framework library</li>
<li>Yesterday one IP in Argentina made nearly 1,000,000 requests using a normal user agent: 181.4.143.40</li>
<li>188.34.177.10 ended up making 700,000 requests using various Googlebot, GoogleOther, and even normal Chrome user agents</li>
</ul>
<!-- raw HTML omitted -->
</article>
</div> <!-- /.blog-main -->
<aside class="col-sm-3 ml-auto blog-sidebar">
<section class="sidebar-module">
<h4>Recent Posts</h4>
<ol class="list-unstyled">
2024-12-04 14:27:49 +01:00
<li><a href="/cgspace-notes/2024-12/">December, 2024</a></li>
2024-11-19 08:40:23 +01:00
<li><a href="/cgspace-notes/2024-11/">November, 2024</a></li>
<li><a href="/cgspace-notes/2024-10/">October, 2024</a></li>
<li><a href="/cgspace-notes/2024-09/">September, 2024</a></li>
<li><a href="/cgspace-notes/2024-08/">August, 2024</a></li>
</ol>
</section>
<section class="sidebar-module">
<h4>Links</h4>
<ol class="list-unstyled">
<li><a href="https://cgspace.cgiar.org">CGSpace</a></li>
<li><a href="https://dspacetest.cgiar.org">DSpace Test</a></li>
<li><a href="https://github.com/ilri/DSpace">CGSpace @ GitHub</a></li>
</ol>
</section>
</aside>
</div> <!-- /.row -->
</div> <!-- /.container -->
<footer class="blog-footer">
<p dir="auto">
Blog template created by <a href="https://twitter.com/mdo">@mdo</a>, ported to Hugo by <a href='https://twitter.com/mralanorth'>@mralanorth</a>.
</p>
<p>
<a href="#">Back to top</a>
</p>
</footer>
</body>
</html>