Placing GitLab behind Anubis

Hécate hecate at glitchbra.in
Tue Jun 17 05:50:53 UTC 2025 

From experience it takes a couple of seconds and it's just client JS.

Le 17 juin 2025 07:27:41 GMT+02:00, Mark Seemann <mark at ploeh.dk> a écrit :
>Hi
>
>I'm currently just a lurker here, so my opinion may not count as much as those who actually contribute, but perhaps other readers have the same questions as I do.
>
>- What does 'small' mean? Are we talking about a second of work, minutes, hours?
>- Do clients need to install custom software to interact, or is that work done via existing protocols?
>
>TIA
>
>Mark Seemann
>
>-----Original Message-----
>From: ghc-devs <ghc-devs-bounces at haskell.org> On Behalf Of Ben Gamari
>Sent: 16. juni 2025 23:04
>To: GHC developers <ghc-devs at haskell.org>
>Subject: Placing GitLab behind Anubis
>
>Hi all,
>
>As you may know, for the last few years we have used a variety of strategies for dealing with the problem of abuse and spam on gitlab.haskell.org. The currently-employed and seemingly most effective technique has been to require manual approval of new account requests.
>
>This has always been an uneasy compromise. Not only does this approval process add considerable friction to the contribution process, the increasing prevalence of ill-behaved web crawlers has rendered the approach less and less effective at prevent that form of abuse.
>
>For this reason we now exploring alternative approaches. One promising strategy employed by other FOSS GitLab deployments (e.g.
>gitlab.freedesktop.org) is the Anubis proof-of-work system. Anubis works by forcing the client to perform a small (but non-negligible) amount of work before requests are serviced. This will mean that GitLab users'
>clients will periodically be asked to perform small amounts of work.
>While Anubis primarily targets crawlers, it may be that the slight increase in per-request cost might also allow us to lift our manual account approval requirement.
>
>Ultimately, the only way to find out is to try. If there are no objections, I will place Anubis in front of GitLab starting next week.
>During this process we will assess the effectiveness of Anubis at prevent both spam and over-zealous crawlers. This may require a bit of iterative parameter tuning but I am hopeful that the end result might be a more accessible and faster GitLab instance for us all.
>
>Let me know what you think.
>
>Cheers,
>
>- Ben
>
>
>[1] https://github.com/TecharoHQ/anubis
>_______________________________________________
>ghc-devs mailing list
>ghc-devs at haskell.org
>http://mail.haskell.org/cgi-bin/mailman/listinfo/ghc-devs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/ghc-devs/attachments/20250617/d23ce386/attachment.html>

More information about the ghc-devs mailing list