On Fri, Mar 14, 2025 at 3:39 PM Nick Holland
<n...@holland-consulting.net> wrote:
>
> hello.
> As you may have noticed, cvsweb.openbsd.org has been having
> issues. This time, it is due to effectively a Distributed Denial of
> Service, though I don't actually believe it is /deliberately/
> malicious. Speculation is someone is trying to feed a so-called AI
> application from cvsweb. While I admire the idea of training an AI
> from the work of some of the best programmers in the world, cvsweb
> is a perl script that writes a lot of temp files. The current
> system is many times the first cvsweb HW I set up many years ago,
> and won't even notice humans using it, when hundreds of simultaneous
> automated queries are happening, things get bad quickly.
>
> FOR NOW, I've stopped the ability of cvsweb to show diffs of file
> revisions. This is where both much of the abuse was happening, and
> also much of the load on the system came from.
> YES, that's horribly annoying, but you can still download any
> individual version of a file and you can still see the annotated
> output. I'll be thinking about a longer-term solution (which may
> also be "wait until they get bored and move on").
sorry to hear about AI's latest victim. i had this problem on my gitea
instance running on openbsd, where the crawler decided to follow every
link to every revision of my mirrors of openbsd src and linux, and i
"fixed" it with robots.txt which the particular crawler ("claudebot")
respected. robots.txt:
User-agent: *
Disallow: /
>
> Sorry for the inconvenience.
>
> Nick.
>
