- Joined
- Nov 14, 2012
If you see this page, you are seeing what I've been working on the last two months. It is an anti-bot strategy I adopted from the haproxy-protection program by Thomas Lynch. I will explain the motivations behind this rewrite when we have fully migrated to it.
The system is a proof-of-work using SHA256. This is similar to how cryptocurrencies work. When you are seeing this page, your browser is doing math to try and solve a very complicated question probabilistically. If you have multiple tabs open, they will all do work, but if one finds the answer, they will share it with the other tabs.
One of the main advantages to this system to what I was doing before is more lax rate limiting. There is still rate limiting, but when you go over the limit, you will be presented another DDoS retarding page instead of a 429 error that will last several minutes. You probably wont even notice when this happens.
In addition, this page is not based on IP. If you use a popular VPN, your authentication token is distinct to you and you will not encounter rate limiting from other people's activity.
I've used ddosify to test the code and it is resilient to tens of thousands of connections. There's more testing to be done which is why I didn't deploy it to other servers yet.
Please report any issues.
If you saw the page and want to see it again, simply delete the cookie sssg_clearance and refresh.
Last edited:
