Welcome to this week’s casual kōrero thread!
This post will be pinned in this community so you can always find it, and will stay for about a week until replaced by the next one.
It’s for talking about anything that might not justify a full post. For example:
- Something interesting that happened to you
- Something humourous that happened to you
- Something frustrating that happened to you
- A quick question
- A request for recommendations
- Pictures of your pet
- A picture of a cloud that kind of looks like an elephant
- Anything else, there are no rules (except the rule)
So how’s it going?
That’s a good point! I actually got mine so I could “win” google. Kind of want to know what your escapades are now!
Just checked with duckduckgo and I seem to have lost SEO to an inactive profile on blogspot of all places, which is super weird!
Nothing that would stand out in a crowd of teenage escapades, and luckily prior to smart phone cameras. To my knowledge there isn’t anything online that an employer might worry about, but it’s nice to know they couldn’t find it even if they wanted to.
I guess the next thing to worry about is if someone with the same name commits a horrible crime.
I guess blogspot’s ranking may give a boost to the blogs they host. For my private stuff (i.e. everything except lemmy stuff), I don’t even have anything at the root domain. Everything is on a subdomain, because I’m not trying to drive traffic to it an in fact want the opposite.
Aaah you have one of those websites! I arrive at them and then spend ages trying to work out if there is anywhere to go. Like a less empowering version of zombo!
Have to say we are fortunate to get our teenage years in pre-phone cameras. My drunk and disorderly fashion crimes live on only in the minds of people who witnessed them.
This conversation is reminding me I should fix my old site. I hate the constant updates involved in wordpress.
There’s literally nothing at the root domain as in if you try to go there it will just say it couldn’t connect this site doesn’t exist. Not even a blank page. I find it’s pretty common, any time I interact with someone with a custom email address I try to go to the site and a lot of the time it doesn’t exist.
😆 maybe I should put something like that on the root domain!
Yeah, progress. When my kids or grandkids are older, there will probably be constant CCTV monitored by AI, posting clips of the ridiculous escapades to social media in real time.
I’ve never hosted wordpress. I don’t have a reason to, but running a site and seeing all the hits to wordpress URIs from bots trying to exploit known vulnerabilities puts me off anyway!
Oh I get you now, I’ve met email addresses like that too. Some people though you google them and a blank page with one or two sentences appears, those are the ones that frustrate me.
It would be cool to have a zombo like entity but might attract the attackers?
Thanks I hate it. Mainly because you’re probably right - it will be like those “border control” and “disaster” reality shows only automated. Something to look forward to!😅
Yeah it’s really yucky, it feels like an arms race with endless bots, updates, stuff breaking, but when I decided to use a CMS it just seemed way easier than Joomla or Drupal which were the other main options back then. That said, I used to see malicious visits back when it was just an html website.
Do you get many bad actors hosting in the fediverse?
Realistically, having no page at the root domain is unlikely to have any real security benefit, except perhaps not bringing attention to yourself. Security people would say everything extra you add (such as hosting another web page at the root domain) adds to your attack surface, but I don’t think hosting one extra static page is likely to make a difference.
Mostly I just have no reason to put anything there.
I don’t host any wordpress sites but get (failed) hits to wordpress URIs because bots are just set to scan for any site and they attempt to access a known URI. E.g. if there is an exploit affecting the (made up) wordpress page at wordpresssite.com/settings/admin, then I see hits to mysite.nz/settings/admin even though such a page doesn’t exist. The bots just scan thousands of domains hoping for a hit.
I first noticed these when I blocked all access from outside NZ, and found all the now blocked URLs (mostly requests from from Russia or China).
In terms of actual malicious instances, not really. Mostly the issues with instances are instances abandoned by their admin (but for some reason still up) with open registrations, so trolls can just go there and make new accounts to their heart’s content.
The main issue we see though are AI scrapers. Sooooooo many. You can put in a robots.txt to ask ChatGPT, Amazon, Google, etc to stay away. But the start up AI companies are relentless. They ignore robots.txt, they lie about their user agent to avoid detection, and they make millions of requests with no throttling. It’s a cat and mouse game to block them via IP.
Cloudflare has an AI bot block mode, but it breaks federation so we can’t use it (admittedly, federation is basically bot traffic). They seem to die down traffic once blocked (I guess if they reach the first page, they try to follow links, but if they are blocked at the first point they can’t continue). But despite this, we have still blocked 30,000 AI bot requests in the last 24 hours.
I know some of the bigger servers like Lemmy.world are blocking IP ranges belonging to Alibaba and others (and adding to the list all the time), because the traffic is just insane.