Update Security

Milovann Yanatchkov 2025-12-19 13:36:54 +01:00
parent 13a4212b2c
commit f6d3ad0d50

@ -6,13 +6,19 @@
In December 2025, when I realized that once again, my small server hosting this Forge was literally *assaulted* by AI gang-bots, I was so fed up I decided to take every possible actions to quickly stop the situation. Observing that the main cause of the assault was linked to the repo hosting the sources of Forgejo from which I make GitAec, I decided to shut down the repo and move it to Codeberg. That was a nice move considering that Codeberg is now ... the new Github ! In December 2025, when I realized that once again, my small server hosting this Forge was literally *assaulted* by AI gang-bots, I was so fed up I decided to take every possible actions to quickly stop the situation. Observing that the main cause of the assault was linked to the repo hosting the sources of Forgejo from which I make GitAec, I decided to shut down the repo and move it to Codeberg. That was a nice move considering that Codeberg is now ... the new Github !
In this page, my aim is to document the situation and centralize some technical informations. In this page, my aim is to document the situation and centralize some technical information.
## The Waves ## The Waves
My very first issue with security started in April 2024, when someone or something [named 'O'](https://web.archive.org/web/20240401202656/https://gitaec.org/O) decided to fill my Forge with gigabytes of garbage data. I was still accepting registrations at the time, and with this first episode, I changed my mind and decided to close registrations. But that's not the real subject here, so let's move forward. My very first issue with security started in April 2024, when someone or something [named 'O'](https://web.archive.org/web/20240401202656/https://gitaec.org/O) decided to fill my Forge with gigabytes of garbage data. I was still accepting registrations at the time, and with this first episode, I changed my mind and decided to close registration. I'll never know what was in those garbage data, and how serious this first "incident" was, but this was just the first wave of a coming storm. Then a few months later, things went a bit more tough...
*To be continued....* ## Friends & Enemies
2024, *notes from the logbook.*
🚨 **June 28th** : [gitaec.org](https://gitaec.org) is currently offline due to a [DDoS](https://en.wikipedia.org/wiki/Denial-of-service_attack) attack on its git services. We will be back online as soon as possible. In the meantime, you can browse examples on **[gitaec.com](https://gitaec.com/rvba/hackathon-zurich)**. July, 1st : **The incident is now closed**
✏️ **[Postmortem report](https://en.wikipedia.org/wiki/Postmortem_documentation)** : Starting at the end of June 2024, we began noticing that our forges were slow to respond. We then checked our servers and discover that they were at full CPU capacity, permanently. This was caused by some computationally intensive requests involving git commands such as ``git blame``. We had to shut down our services for a couple of days to find a solution. Our web server logs showed up to 350,000 requests a day targeting git repositories from hundreds of different IPs. But despite this apparent diversity, a single user agent was involved : ``facebookexternalhit``. After some quick research, we found out that we were victims of a DDoS attack [involving a malicious use of the Facebook API](https://developers.facebook.com/community/threads/992798532416685/). By adding a simple user agent test in front of our server proxy (Nginx), we were able to reject these malicious requests. This seems to have "solved" the issue for now.
## The Weight Of Souls ## The Weight Of Souls
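Review bot: the postmortem's fix ("a simple user agent test in front of our server proxy (Nginx)") deserves a caveat in the new text, because the `User-Agent` header is chosen by the client: the traffic came from hundreds of different IPs, and the moment it stops sending `facebookexternalhit` the rule matches nothing, which is why the page itself puts "solved" in quotes. Suggest adding a sentence saying the UA reject is a stopgap and that a per-client request-rate limit on the expensive repository paths (the `git blame`-style requests that pinned the CPU) is the durable control. Minor wording in the added lines: "take every possible actions" should be "take every possible action", "checked our servers and discover that" should be "checked our servers and discovered that", and the "July, 1st : **The incident is now closed**" fragment appended to the June 28th entry reads better as its own dated logbook line, consistent with the "🚨 **June 28th** :" style used just before it.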