There's actually a huge botnet targeting /mona/. Something ludicrously oversized for a site with such a low traffic. 99.999999999% of visits are from spambots and crawlers.
SchemeBBS is often unattended for a long period of time, so /mona/ was shut down for some months before a quick fix was written leveraging ngx-auth-request-module. The authentication server is written in Gerbil Scheme, it checks if the request origin is in a dnsbl-like blacklist and replies 403 if that happens to be the case.
location / {
...
auth_request /auth;
auth_request_set $auth_status $upstream_status;
}
#auth server
location /auth {
internal;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
if ($request_method = POST ) {
proxy_pass http://localhost:<port>/check?ip=$remote_addr;
}
if ($request_method = GET ) {
return 200;
}
}Unfortunately, it makes it much harder to use a proxy for privacy-savvy users to post but real anonymous anons should really start using i2p. (an update to i2pd seems to have fixed the recurring segfaults and this home-cooked ``WAF'' is still better than routing everything through something evil like Cloudflare.