Recent Updates Page 2 Toggle Comment Threads | Keyboard Shortcuts

  • Elmer Masters 10:07 am on May 23, 2025 Permalink
    Tags: ,   

    starting the day with a round of updates for Classcaster.

     
  • Elmer Masters 5:04 pm on May 22, 2025 Permalink
    Tags: , Let's Encrypt, OLE   

    Renewed Let’s Encrypt cert for openlegaleducation.org.

     
  • Elmer Masters 12:14 pm on May 22, 2025 Permalink
    Tags:   

    PR#50 https://github.com/CCALI/drupal-10/pull/50 reviewed and merged into develop.

     
  • Elmer Masters 12:09 pm on May 22, 2025 Permalink  

    In PR#50, CALI-102 is good to go.

     
  • Elmer Masters 11:52 am on May 22, 2025 Permalink  

    Reviewing PR#50 https://github.com/CCALI/drupal-10/pull/50

     
  • Elmer Masters 11:30 am on May 22, 2025 Permalink
    Tags: DDoS, , HAProxy,   

    Eliminating bad traffic targeting Drupal and Solr 

    a short post-mortem on eliminating all of that bad search traffic that was triggering multiple reds throughout the day.

    I put a number of vaguely regex filters in place on the load balancer and then redirect things to a Google search. We were seeing hits directly to Solr through Drupal on the order of hundreds per minute that put high loads on the entire web stack. Eventually this triggered failures. Since the URLs being used were easy to parse using only a few search terms repeatedly, building a rule to block them was easy. The bigger question was where to put the blockers. Ultimately blocking these attacks at the load balancer was the best idea.

    An additional concern was the possibility of snagging legit student searches in the filters. This is addressed by allowing for at least some of the search filters to remain in place. For example, a search for “commercial lease” still works as do the drill downs by content type. If an attempt is made to drill down by topic after the initial search for “commercial lease” the rule is engaged and access is redirected to a Google search page for “CALI Lessons commercial lease”. By using the redirect to a Google search we offer a return path for any unsuspecting visitor doing a legit search.

    Below are the lines added to the HAProxy configuration to enable the rules that block the bad actors from the site.


    acl match_query url_reg /search/site/commercial%20lease\?f%5B0%5D=im_field_cali_topics.*$
    http-request redirect location https://www.google.com/search?q=CALI+Lessons+commercial+lease if match_query
    acl match_query url_reg /search/site/bar%20prep\?f%5B0%5D=im_field_cali_topics.*$
    http-request redirect location https://www.google.com/search?q=CALI+Lessons+bar+prep if match_query
    acl match_query url_reg /search/site/later\?f%5B0%5D=im_field_cali_topics.*$
    http-request redirect location https://www.google.com if match_query
    acl match_query url_reg /search/site/commercial%20please\?f%5B0%5D=im_field_cali_topics.*$
    http-request redirect location https://www.google.com/search?q=CALI+Lessons+commercial+lease if match_query

     
  • Elmer Masters 5:22 pm on January 24, 2024 Permalink
    Tags:   

    Fun fact: live blogging on Classcaster still works.

     
  • Elmer Masters 5:21 pm on January 24, 2024 Permalink  

    Working on an update to the Classcaster db. Moving from MySQL5.7 to MySQL 8.0

     
  • CALI Admin 3:21 pm on February 3, 2018 Permalink
    Tags:   

    HI. This is a post on the new server. Hurray!

     
  • Elmer Masters 3:25 pm on November 28, 2017 Permalink
    Tags: ,   

    Turns out that all the end notes need to be converted into proper Pressbooks footnotes or else they aren’t properly picked up in the cloning process. Since the cloning feature is a center piece of the Lawbooks site, the footnotes need to be properly converted.

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel
Secret Link