Reducing massive fetches(DDoS) with link previews
The load created by fetching previews has been an ongoing issue for a serious while, by default pleroma+mastodon is basically rendering some websites offline, enough that sometimes I avoid making some URLs an actual link.
I have these ideas:
- Shared proxies, maybe by reusing media proxies because technically you could put anything that you want as attachment URL, thus doing the same thing as previews but even worse, that said most users likely aren't going to use custom URLs so non-malicious use gets better.
- Embedding the preview data in the post, this means giving up on having reliable-enough data to show but with custom HTML + a false page you can confuse quite a lot of clients.
I put a false page on https://hacktivis.me/tmp/joinmastodon.org.html around 2020-02-14, it's just an HTML file with
<meta property="og:image" content="https://hacktivis.me/datalove/img/meme/pleroma/mastodon%2C%20forbidden%20amuse%20yourself.jpeg" />
<meta property="og:title" content="Mastodon: Forbidden Amuse Yourself" />
<meta property="og:site_name" content="joinmastodon.org" />
<meta http-equiv="refresh" content="0; url=http://joinmastodon.org/">
And I'd much rather have link previews being disabled (by default?) until we figure out a better way.
Edited by Haelwenn