Weather Talk For BC no matter what you ride

Images Temporarily Disabled


by Alton » Thu Aug 08, 2024 5:22 am

I've temporarily disabled some image capabilities in order to isolate a cost issue.
Alton
 
Posts: 7122
Joined: Mon Oct 21, 2013 6:09 am

by Ryan » Thu Aug 08, 2024 1:01 pm

Thanks Alton! Thanks as always for providing the website for free with no ads for everyone.
Ryan
 
Posts: 494
Joined: Fri Oct 25, 2013 3:19 pm

by LeopardSkin » Thu Aug 08, 2024 2:42 pm

Thanks muchly for well service.
LeopardSkin
 
Posts: 2769
Joined: Mon Oct 21, 2013 8:01 am
Location: on my phone

by Alton » Sun Sep 08, 2024 11:04 am

I think I found the root cause ...

ClaudeBot/1.0 is aggressively harvesting content from WTFBC to train their LLMs.

Claude (Anthropic) is the biggest competitor to OpenAI.

Other culprits include the AmazonBot, ByteDance (TikTok).

This morning I've denied access to all these bots :evil:

Fingers crossed.

Sadly, we're entering a dystopian future with all this AI / LLM bullshit
Alton
 
Posts: 7122
Joined: Mon Oct 21, 2013 6:09 am

by Ryan » Mon Sep 09, 2024 9:39 am

Good to hear. On the bright side at least our AI overlords will know something about windsports.
Ryan
 
Posts: 494
Joined: Fri Oct 25, 2013 3:19 pm

by Alton » Mon Sep 09, 2024 9:59 am

Looks like someone else in Azure Toronto is attempting a SQL injection attack :shock:

Maybe this is the big culprit all this time

4.206.81.128 - - [09/Sep/2024:16:38:35 +0000] "GET /photoalbum.php?id=1343+%2F%2A%2A%2F%2F%2A%2A%2FOR%2F%2A%2A%2FROW%282018%2C1386%29%3E%28SELECT%2F%2A%2A%2FCOUNT%28%2A%29%2CCONCAT%280x4c68454a%2C%28SELECT%2F%2A%2A%2FIFNULL%28CAST%28COUNT%28schema_name%29%2F%2A%2A%2FAS%2F%2A%2A%2FNCHAR%29%2C0x20%29%2F%2A%2A%2FFROM%2F%2A%2A%2FINFORMATION_SCHEMA.SCHEMATA%29%2C0x59566c56%2CFLOOR%28RAND%280%29%2A2%29%29x%2F%2A%2A%2FFROM%2F%2A%2A%2F%28SELECT%2F%2A%2A%2F2027%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F8505%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F7491%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F4808%29a%2F%2A%2A%2FGROUP%2F%2A%2A%2FBY%2F%2A%2A%2Fx%29 HTTP/1.1" 403 177 "-" "Opera/9.64 (Macintosh; PPC Mac OS X; U; en) Presto/2.1.1"
Alton
 
Posts: 7122
Joined: Mon Oct 21, 2013 6:09 am

by Ryan » Mon Sep 09, 2024 10:13 am

Interesting, ChatGPT came up with this below. But the SQL seems to be just trying to collect schema information at this point.

Conclusion:
This request appears to be part of an SQL Injection attack targeting the photoalbum.php page by manipulating the id parameter to execute malicious SQL code. The server correctly blocked it with a 403 Forbidden response.
Ryan
 
Posts: 494
Joined: Fri Oct 25, 2013 3:19 pm

by Alton » Mon Sep 09, 2024 10:17 am

Ryan wrote: Interesting, ChatGPT came up with this below. But the SQL seems to be just trying to collect schema information at this point.

Conclusion:
This request appears to be part of an SQL Injection attack targeting the photoalbum.php page by manipulating the id parameter to execute malicious SQL code. The server correctly blocked it with a 403 Forbidden response.

Yep. I just put a rule in nginx to deny access (403) to user agents containing "presto" ... tough luck to Opera browser users.
Alton
 
Posts: 7122
Joined: Mon Oct 21, 2013 6:09 am

by Brian C » Mon Sep 09, 2024 4:52 pm

Glad you know what you’re talking about - that’s all Geek-Greek to me. Big Thank You for keeping the site working though!
Brian C
 
Posts: 751
Joined: Fri Oct 25, 2013 7:21 pm

by Alton » Thu Sep 12, 2024 4:37 am

Yesterday, there were 4 million SQL injection attempts over 3 hrs ... which is over 350 requests per second.

That's insane :shock:
Alton
 
Posts: 7122
Joined: Mon Oct 21, 2013 6:09 am
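
Added example, not part of the thread and not the site's own tooling: a small log scanner that decodes requests like the one posted above, strips the `/**/` comment padding, flags SQL injection markers, and reports hits per source IP and the peak flagged requests per second. The sample lines, the 203.0.113.x addresses, the marker list and the function names are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime
from urllib.parse import unquote_plus

# nginx "combined" format: ip - user [time] "METHOD uri PROTO" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"'
)
# Heuristic markers taken from the posted request (an assumption, not a full signature set).
SQLI_RE = re.compile(
    r"\b(union\s+select|information_schema|or\s+row\s*\(|concat\s*\()", re.I
)

def normalize(uri):
    """URL-decode the query string and turn /**/ comment padding into spaces."""
    query = uri.partition("?")[2]
    decoded = unquote_plus(unquote_plus(query))  # second pass catches double encoding
    return re.sub(r"/\*.*?\*/", " ", decoded)

def scan(lines):
    """Return (flagged requests per IP, peak flagged requests in one second)."""
    per_ip, per_sec = Counter(), Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if m and SQLI_RE.search(normalize(m["uri"])):
            per_ip[m["ip"]] += 1
            per_sec[datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")] += 1
    return per_ip, max(per_sec.values(), default=0)

# Constructed sample lines (shortened, same shape as the request in the thread).
SAMPLE = [
    '203.0.113.7 - - [09/Sep/2024:16:38:35 +0000] "GET /photoalbum.php?id=1343+%2F%2A%2A%2FOR'
    '%2F%2A%2A%2FROW%282018%2C1386%29%3E%28SELECT%2F%2A%2A%2FCOUNT%28%2A%29%2F%2A%2A%2FFROM'
    '%2F%2A%2A%2FINFORMATION_SCHEMA.SCHEMATA%29 HTTP/1.1" 403 177 "-" "Opera/9.64 Presto/2.1.1"',
    '203.0.113.7 - - [09/Sep/2024:16:38:35 +0000] "GET /photoalbum.php?id=7+%2F%2A%2A%2FUNION'
    '%2F%2A%2A%2FSELECT%2F%2A%2A%2F8505 HTTP/1.1" 403 177 "-" "Opera/9.64 Presto/2.1.1"',
    '203.0.113.20 - - [09/Sep/2024:16:38:36 +0000] "GET /photoalbum.php?id=1343 HTTP/1.1" '
    '200 5120 "-" "Mozilla/5.0"',
    '203.0.113.21 - - [09/Sep/2024:16:38:36 +0000] "GET /search.php?keywords=student+union '
    'HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    hits, peak = scan(SAMPLE)
    print(dict(hits), "peak flagged req/s:", peak)
```

Because the match is on the decoded request rather than the User-Agent string, ordinary Opera visitors are not caught by it.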
