Moar Cooties
-
Is that really that common?
Yes. AFAIK, every site gets stuff like that from bots or whatever looking for vulnerabilities.
Over 30 seconds to get your profile?
SNAFU
-
No bot specific activity that i can see in obvious in the top 30 server loads
although there are these URLs used by Servercooties.com
@boomzilla said:```text
GET / HTTP/1.1 1077.97 6155
[...]
GET /t/2/last HTTP/1.1 621.36 5056
[...]
GET /latest.json HTTP/1.1 415.25 5056lets see.... data is over a 24 hour period....
=246060
86400there's an enforced 5 second delay between requests that servercooties.com makes
=86400/5
17280and the endpoints cycle through so......
=6155+5056+5056
16267hmm..... @boomzilla <a href="/t/via-quote/52855/148">said</a>:<blockquote>``` 45.55.146.244 4271.72 25488 ```</blockquote> something is not adding up at all..... servercooties.com should be making a maximum of ca. 17.2k requests per day (burning about an hour of runtime per day (6x less than whomever is `54.209.60.63`, and a little less than 3x less than `66.,249.66.30`)), but the endpoints it calls only register a total of 16.2k requests (inclusive of anyone else who hits those endpoints and the IP address is listed as making 25.4k requests.... hmm.... weird.
-
although there are these URLs used by Servercooties.com
Yes, those are regularly on there, but the values aren't anything that looks to me like it's being a problem right now.
and the IP address is listed as making 25.4k requests....
What about discopædiea display stuff?
Either way, I don't think servercooties has been a problem since it stopped looking at /t/1000 (it used to do that, didn't it?).
-
Yes, those are regularly on there, but the values aren't anything that looks to me like it's being a problem right now.
agreed. still, something to keep an eye on.What about discopædiea display stuff?
... ah. yes. though that should be pulling only every ten hours.although avatars are only cached in memory for ten minutes.... that could be extended i guess.
still. as you say it's not causing issues right now.
Either way, I don't think servercooties has been a problem since it stopped looking at /t/1000 (it used to do that, didn't it?).
very briefly. we had it do that during the first weekend we had it running and it caused so many cooties we quickly switched away from it to something much smaller. (/t/2 to be precise)
-
But how are you supposed to store XML in that?
-
104.131.28.45 4147.18 5973
okay, that's the VM that runs all my bots.
it's currently running 4 different bots, so that's an average of about 1k duration per account, which puts each bot well below some unaugmented users (i assume @M_Adams, @royal_poet, and @dcon are all vanillas, and haven't applied any cybernetic implants to their account yet)
i really should do something about paulabean.... with the new API i should be able to work something up on that score....
-
(6x less than whomever is 54.209.60.63
Name: nat.aws.kontera.com Address: 54.209.60.63
-
@accalia said:
(6x less than whomever is 54.209.60.63
Name: nat.aws.kontera.com Address: 54.209.60.63
not one of mine. i don't do business with AWS.
not for personal anyway.
-
not sue I agree with vanilla, but yes, no cyborg components
-
not sue I agree with vanilla
there are various kinds of....
oh forget it. i can't resist.
-
not one of mine. i don't do business with AWS.
not for personal anyway.
That's not a standard AWS hostname.
This (further down) is:
Name: ec2-52-88-134-242.us-west-2.compute.amazonaws.com Address: 52.88.134.242
So either someone's got an instance on an IP which Amazon is reusing without resetting the RDNS or... actually, I don't know what else as kontera.com doesn't resolve to anything.
-
haven't applied any cybernetic implants to their account yet
I don't run any sockbot modifications under my username either. They're all under yamibot. Do I win a prize for being the highest-use vanilla user?
(I've been looking at my Private Message list, and thus my profile, frequently over the past few days for some mysterious reason.)
-
are all vanillas, and haven't applied any cybernetic implants to their account yet
Yup, totally vanilla!
-
-
Can I be chocolate?
....
wait....
.....
E_FATAL_PARSE_ERROR
INITIATING EMERGENCY SELF DESTRUCT!
SELF DESTRUCT IN 10...
9...
8...
-
I wonder if Accalia will notice the 7 bots in that list, all of which produce more load than I do. And I mouth off here all the time.
-
I wonder if Accalia will notice the 7 bots in that list, all of which produce more load than I do. And I mouth off here all the time.
Yes, but you obviously don't read, or you'd have noticed that she already did, eh?
-
I reply as I go down the thread. You know that.
-
We discussed lots of bot stuff prior to that post.
-
I wonder if Accalia will notice the 7 bots in that list, all of which produce more load than I do
I wonder if you'll ever bother to read something before commenting on it.
and i assume that the fact that there are multiple users who are not bots, nor run bots on their account, generate more load than any of my bots is menaingless to you.
I also assume you'll blame me for all of the bots on that list despite the fact that only 3 of those bots are actually under my direct control.
-
-
Guys, @dcon is mafia. I tracked him last night.
Since I don't read that thread... oh well...
-
I think some of them may be getting back into /t/1000:
Top 30 users by Server Load Username Duration Reqs Routes -------- -------- ---- ------ [Anonymous] 89968.14 108668 topics/show(70420.91) user_avatars/show(6293.57) -(4062.92) - (POST)(1996.39) list/latest(1900.60) CodingHorrorBot 7695.62 4920 topics/show(5561.92) posts/show(1197.27) topics/posts(667.84) notifications/mark_read(137.58) notifications/index(131.01) discoursebot 7463.13 4918 topics/show(5554.07) posts/show(1230.07) topics/posts(511.83) notifications/index(113.01) notifications/mark_read(54.15) PaulaBean 6009.59 12525 topics/show(5956.48) list/category_latest(44.13) topics/status(5.05) posts/create (POST)(3.92) boomzilla 3017.64 3868 topics/timings (POST)(985.80) topics/show(680.47) posts/create (POST)(523.66) draft/update (POST)(218.15) notifications/index(161.82) sockbot 2733.42 2717 topics/posts(1997.39) list/latest(478.84) notifications/index(161.59) notifications/mark_read(70.98) topics/timings (POST)(24.62) Top 30 urls by Server Load Url Duration Reqs --- -------- ---- POST /topics/timings HTTP/1.1 30848.63 79059 GET /t/1000.json?include_raw=1&track_visit=true HTTP/1.1 10860.51 3787 POST /posts HTTP/1.1 3988.01 956
-
No idea how, neither discoursebot nor codinghorrorbot are configured to have anything to do with T-1000.
Both have the same topics configured:
"topics": [1887,50869,53366,53266]
-
Maybe unarchive T-1000 (so it can be liked) then make another post and see who/what likes it?
-
-
For the record, I've been using an iPad only for here (so no bot powers) but the hitting rate of the timings route is a design flaw that I can do nothing about except not reading...
-
I think some of them may be getting back into /t/1000:
:-(
i don't suppose there's any way to tell which account is doing that?
-
i don't suppose there's any way to tell which account is doing that?
Not by me. It's maybe possible that @PJH could take a look at the raw access logs, assuming that information is there.
-
Not by me. It's maybe possible that @PJH could take a look at the raw access logs, assuming that information is there.
@codinghorrorbot and @discoursebot are the only things looking at that thread more than strictly necessary, but it's continuous rather than bursty.
root@what:/var/discourse/shared/standalone/log/var-log/nginx# grep /t/1000 access.log | grep "Bewitching Burlap; owner:loopback0; user:CodingHorrorBot" | wc -l 1155 root@what:/var/discourse/shared/standalone/log/var-log/nginx# grep /t/1000 access.log | grep "Bewitching Burlap; owner:loopback0; user:discoursebot" | wc -l 1160 root@what:/var/discourse/shared/standalone/log/var-log/nginx# head access.log -n1 [05/Jan/2016:07:35:17 +0000] [IP Elided] "POST /message-bus/adfa1fd0bf114525b19025cb973a641b/poll?dlp=t HTTP/1.1" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0" "-" 200 661 "https://what.thedailywtf.com/t/yet-another-climate-change-topic/52326/117" 0.045 0.045 "-" root@what:/var/discourse/shared/standalone/log/var-log/nginx# date -u Tue Jan 5 12:43:08 UTC 2016
-
@PJH - Last Day Without A Discourse Bug: null
-
-
@codinghorrorbot and @discoursebot are the only things looking at that thread more than strictly necessary, but it's continuous rather than bursty.
hmm.....
@loopback0's got some 'splainin to do then.
-
@loopback0's got some 'splainin to do then.
@loopback0 said:No idea how, neither discoursebot nor codinghorrorbot are configured to have anything to do with T-1000.
Both have the same topics configured:"topics": [1887,50869,53366,53266]
-
don't you roll your eyes at me young man! you are shamefully out of date in your bot installations!
-
Does being out of date make the damn thing look at T-1000 when it hasn't been told to?
-
Does being out of date make the damn thing look at T-1000 when it hasn't been told to?
!
<insert epic temper tantrum here>
you should be update! what about all the new
bugsfeatures that have been introduced since you last updated? you want to get all thosebugsfeatures don't you?!!
... wait... it's discourse that introduces new bugs, not SockBot. MY BAD! :-P
-
I've updated now anyway, hopefully that'll make a difference in future Discostats.
-
-
I'll write my own bot. That will just spend the day reading @accalia 's profile page! Undoing all your good will!
edit* and it will post under my name solely with exclamation marks!
-
I'll write my own bot. That will just spend the day reading @accalia 's profile page! Undoing all your good will!
I'll take "ways to get banned quickly" for $10,000 please, Alex.
-
@DogsB said:
I'll write my own bot. That will just spend the day reading @accalia 's profile page! Undoing all your good will!
I'll take "ways to get banned quickly" for $10,000 please, Alex.
how about https://what.thedailywtf.com/latest.json once every 10 seconds to check for @fbmac?
-
You may as well just request his profile page. He helpfully keeps it quite small...
-
fbmacbot — Posts something to a random topic, then immediately deletes it.
-
(post withdrawn by author, will be automatically deleted in 42 hours unless flagged)
-
Who broke it this time?
-
Not me. I was playing solitaire during a conference call.
-
servercooties.com should be making a maximum of ca. 17.2k requests per day (burning about an hour of runtime per day (6x less than whomever is 54.209.60.63, and a little less than 3x less than 66.,249.66.30)), but the endpoints it calls only register a total of 16.2k requests (inclusive of anyone else who hits those endpoints
and the IP address is listed as making 25.4k requests....
hmm....
weird.
The key here is that servercooties.com makes a maximum of 17.2k requests to check on WTDWTF's health. You had originally designed servercooties.com to always perform a check every 5 seconds, whether the previous response had been received yet or not. But several months back I suggested that you change to submitting a request 5 seconds after the previous request received a response or timed out, an idea which you implemented. Also, there are indications that the mechanism used to count requests probably doesn't count errored requests toward a specific endpoint. These two points would explain why the requests at the endpoints are lower than the maximum that servercooties.com is configured to output.
As for why the total number of requests from the servercooties.com IP exceeds 17.2k, that seems fairly simple as well. When requesting the main page or /t/2/last, the server will try to serve up the entire page. Depending on how you have servercooties.com set up, it may be making followup requests to get the additional resources for the page (scripts, CSS, images, etc.) In addition, as @boomzilla mentioned, you also have the requests for displaying stuff from the Discopædia. On top of that, errored requests may count against the requesting IP. Put all of that together, and you could easily get another 9.2k requests beyond what the endpoints counted.
-
The key here is that servercooties.com makes a maximum of 17.2k requests to check on WTDWTF's health. You had originally designed servercooties.com to always perform a check every 5 seconds, whether the previous response had been received yet or not. But several months back I suggested that you change to submitting a request 5 seconds after the previous request received a response or timed out, an idea which you implemented. Also, there are indications that the mechanism used to count requests probably doesn't count errored requests toward a specific endpoint. These two points would explain why the requests at the endpoints are lower than the maximum that servercooties.com is configured to output.
this is correct, yes.
When requesting the main page or /t/2/last, the server will try to serve up the entire page. Depending on how you have servercooties.com set up, it may be making followup requests to get the additional resources for the page (scripts, CSS, images, etc.)
nope. servercooties.com does not do a full page load, it doesn't even load the DOM. it makes one HTTp request and records the time it took, and what the HTTP status code was (also the length of the response IIRC but that's not used anywhere)no, the extra requests are, in fact, discodefinitions.
i'll be looking into those shortly to see if i can tone those requests back.
-
nope. servercooties.com does not do a full page load, it doesn't even load the DOM. it makes one HTTp request and records the time it took, and what the HTTP status code was (also the length of the response IIRC but that's not used anywhere)
Meh, it was an idea.