dpaste.com @Dpaste@fosstodon.org

Released today: django-blocklist v1.3.0. Combined the 'add_to_blocklist' and 'update_blocklist' management commands.

Dpaste now has a '.well-known/security.txt' file to aid in reporting of any discovered vulnerabilities. https://securitytxt.org/

I maintain dpaste for fun and to help the community, but you can help defray hosting costs by buying me a coffee... https://ko-fi.com/dpaste

The Django-Blocklist project has moved to Gitlab. If it's of interest to you, please star it!

https://gitlab.com/paul_bissex/django-blocklist

Out today: A patch release of Django-Blocklist, fixing an issue that was creating excessive noise in error trackers like Sentry and Bugsnag.

https://git.sr.ht/~paulbissex/django-blocklist/tree/trunk/item/CHANGELOG.md#2022-07-09

New release of Django-Blocklist, with a couple user-requested changes: https://pypi.org/project/django-blocklist/1.2.0/

Reminder: If you use dpaste for this kind of thing, your content will be deleted and your IP will be blocked. https://incident.netcraft.com/838/838c04fc58f1/

Due to an error in DNS configuration, the site is currently unreachable. The error has been corrected, but DNS propagation delays mean it may be an hour or more before you're able to reach it again. Sorry for the disruption!

Feature announcement: the previewing feature for #Markdown and #RestructuredText items is now available for all users. Look for the "Preview" button on items in those formats.

https://dpaste.com/2SMEV9JDB-preview

Another piece of the dpaste.com application stack released as an open source #Django component: django-blocklist, an application-layer solution for IP-based blocking.

https://sr.ht/~paulbissex/Django-Blocklist/

For the first time, a non-US country tops the IP count in the active dpaste corpus (https://dpaste.com/about):

Update: the styles preview page now shows three different snippets for each style, to give a better idea of how a given style may look with your content. https://dpaste.com/styles

As a #Mercurial fan I was touched to see a dpaste reference in this Atlassian post from ten years ago:

https://www.atlassian.com/blog/software-teams/mercurial-vs-git-why-mercurial

The reference is a "send this diff to dpaste" customization for hg.

The markup for the script seems to have suffered bitrot, and of course Atlassian has since abandoned Mercurial. But still this makes me smile!

LiveCodes is a "feature-rich, easy to use coding playground" that uses dpaste.com for its sharing feature. It's a client-side app that can be hosted on any static file server. Library developers can also use it for documenting and showcasing their products.

Check it out! https://github.com/live-codes/livecodes

Today the site experienced a subsantial distributed spam onslaught (all promoting a "Mass advertising mailing service").

The perp had a very large collection of IPs at their disposal -- at least 3,500 .

The IPs have been blocked and the spam signature has been added to the site's spam detection system.

Carry on!

Heard back from CDN support, and the issue looks to be fixed. "One of our nodes had issues resolving the DNS of your origin ... now fixed on our end."

Apologies for the disruption!

We're seeing intermittent error responses from the site's CDN provider -- if you see an unstyled page, that's why.

I've got a support ticket open with them and will post any updates here.

The longstanding rate limit policy of one request per second is now being enforced. If you exceed the limit, you'll get an HTTP 429 response with a `retry-after` header reminding you how many seconds to wait. This policy is intended to help keep the service stable and usable for everyone. Carry on!

I enhanced the internal tool for blocklist reporting to tell me which blocked IPs make the most requests. Today's winner has been blocked 5268 times... so far.