We all migrate to smaller websites try not to post outside drawing attention just to hide from the “Ai” crawlers. The internet seems dead except for the few pockets we each know existed away from the clankers
We all migrate to smaller websites try not to post outside drawing attention just to hide from the “Ai” crawlers. The internet seems dead except for the few pockets we each know existed away from the clankers
That’s because it’s numerically possible to sweep through the entire IPv4 address range fairly trivially, especially if you do it in parallel with some kind of botnet, proverbially jiggling the digital door handles of every server in the world to see if any of them happen to be unlocked.
One wonders if switching to purely IPv6 will forestall this somewhat, as the number space is multiple orders of magnitude larger. That’s only security through obscurity, though, and it’s certain the bots will still find you eventually. Plus, if you have a doman name the attackers already know where you are — they can just look up your DNS record, which is what DNS records are for.
I love your “multiple orders of magnitude”. I don’t think you appreciate or realise how much larger ipv6 address space is :)
I wasn’t going to type that many commas for the sake of brevity, but it’s 340,282,366,920,938,463,463,374,607,431,768,211,456 possible addresses. I.e. 2128. So yes, I do.
I consider 96 orders (in binary, anyway) as “multiple.” Wouldn’t you?
I like seeing them try and then thinking “begone thot! There is no entry for you”
In fact, I might make a honeypot that issues exactly that
Servers which are meant to be secure usually are configured to not react to pings and do not give out failure responses to unauthenticated requests. This should be viable for a authenticated only walled garden type website op is suggesting, no?
There are several things you could do in that regard, I’m sure. Configure your services to listen only on weird ports, disable ICMP pings, jigger your scripts to return timeouts instead of error messages… Many of which might make your own life difficult, as well.
All of these are also completely counterproductive if you want your hosted service, whatever it is, to be accessible to others. Or maybe not, if you don’t. The point is, the bots don’t have to find every single web service and site with 100% accuracy. The hackers only have to get lucky once and stumble their way into e.g. someone’s unsecured web host where they can push more malware, or a pile of files they can encrypt and demand a ransom, or personal information they can steal, or content they can scrape with their dumb AI, or whatever. But they can keep on trying until the sun burns out basically for free, and you have to stay lucky and under the radar forever.
In my case just to name an example I kind of need my site to be accessible to the public at large if I want to, er, actually make any sales.
But an IP can have multiple websites and even not return anything on plain IP access. How do crawlers find out about domains and unlinked subdomains? Do they even?
@kossa @dual_sport_dork If you’re using HTTPS, which is by and large the norm nowadays, then every domain is going to be trivially discoverable via certificate transparency logs: https://social.cryptography.dog/@ansuz/115592837662781553
thinking about this, wouldn’t the best way to hide a modern websie be something along getting a wildcard domain cert (can be done with LE with DNS challenge), cnaming the wildcard to the root domain and then hosting the website on a random subdomain string ? am I missing something
I do something something like this using wildcard certs with Let’s Encrypt. Except I go one step further because my ISP blocks incoming data on common ports so I end up using an uncommon port as well.
I’m not hosting anything important and I don’t need to always access to it, it’s mostly just for fun for myself.
Accessing my site ends up looking like
https://randomsubdomain.registered-domain-name.com:4444/My logs only ever show my own activity. I’m sure there are downsides to using uncommon ports but I mitigate that by adjusting my personal life to not caring about being connected to my stuff at all times.
I get to have my little hobby in my own corner of the internet without the worry of bots or AI.