So what’s the solution to keep abusive access from psudo-ddosing open projects? IP range blocks? Keeping access behind accounts as a speed bump for bots and a tool for tracking abuse?
Anecdotally, I only keep services that require an account to get past the landing page on my VPS. (I’m very new to self hosting and haven’t figured out ways to stop bots/scrapers yet.) So I think if nothing else, that’s a pretty easy starting point.
So what’s the solution to keep abusive access from psudo-ddosing open projects? IP range blocks? Keeping access behind accounts as a speed bump for bots and a tool for tracking abuse?
Anecdotally, I only keep services that require an account to get past the landing page on my VPS. (I’m very new to self hosting and haven’t figured out ways to stop bots/scrapers yet.) So I think if nothing else, that’s a pretty easy starting point.