Comment on Anubis is awesome and I want to talk aout it
CameronDev@programming.dev 12 hours agoA HTTP get request is a few hundred bytes. The response is 28KB. Thats 280x. If a large botnet wanted to denial of service an Anubis protected site, requesting that image could be enough.
Ideally, Anubis should serve as little data as possible until the POW is completed. Caching the POW algorithm (and the image) to a CDN would also mitigate the issue.
teolan@lemmy.world 11 hours ago
The whole point of Anubis is to not have to go through a CDN to sustain scrapping botnets
CameronDev@programming.dev 9 hours ago
I dunno that is true, nothing in the docs indicates that it is explicitly anti-CDN. And using a CDN for a static javascript resource and an image isn’t the same as running the entire site through a CDN proxy.