Roughly the last 12 months have been really hard on my server infrastructure – the servers that I rent and which host sites like slackware.nl, docs.slackware.com, download.liveslak.org, git.slackware.nl and several more.
An un-ending DDoS attack mostly by IP addresses from Chinese origin that keep requesting to download Slackware ISO files, many per second, effectively saturating bandwidth. Combine that with a massive onslaught of AI bots that roam the Internet scraping web content to feed to their LLM models. I have been mitigating these attacks and annoyances using web access control (because blocking all of China on IP level probably is exactly what the Chinese government is trying to achieve here: making sure that Chinese folks lose access to free and open source software). Eventually these were also killing the Apache httpd daemon because that is where the access control is happening.
I am sure you’ve experienced that: when downloading an ISO from slackware.nl or running a “slackpkg upgrade-all” with slackware.nl as the package mirror, connections are aborted randomly.
So I had to make a decision: to deal with this in some way and improve the user experience for the average Slacker.
I have begun migrating my services away from the single physical host (and its hot standby) which has been running all these services sofar. They are being spread onto multiple (also more performant) new hosts.
Completed so far:
- the migration of docs.slackware.com to its own exclusive server. The results are clear: the site is a lot more responsive now and no longer shows empty or incomplete pages. For those with a login account, the login process is a lot faster too.
- Less visible sites that were also moved to new hardware (the second server): myip.slackware.nl, lowlands.alienbase.nl and alphageek.slackware.nl together with the redirect URLs blog.slackware.nl cloudserver.slackware.nl and daw.slackware.nl.
In progress; migrating slackware.nl, download.liveslak.org, git.slackware.nl, git.liveslak.org to a third server. Basically this affects all the mirror data that users want to download.
This part is actually more complex and time-consuming due to the use of MSQL databases that need to be migrated as well (slakfinder for instance), multiple cron jobs to keep data in sync and backed-up and just a lot of data to shuffle around.
I aim to actually switch the various domains and hostnames to their new IP addresses somewhere in the next week. Expect a (hopefully) short downtime for the services mentioned above. If you get “file not found” errors or web sites go missing, just be patient and wait half an hour. If things take a concerning turn, leave your comments below this article and point me to the things that broke without me seeing it.
I hope to have informed you properly and timely 🙂
Cheers Eric
Great work!
By the way,, there’s a small typo, the link to cloudserver.slackware.nl is missing the last “l”.
Heh! Thanks for spotting and reporting, I have fixed that now.
These dictatorship origins are really a challenge for any sysadmin. But what makes me more and more concerned are the LLM hordes coming from the so called ‘free world’. They are quickly rendering internet useless on the infrastructure level and none of the governing bodies seems worried.
Same, speaking as a composer. I’m really free with my works for other humans. I’ll show you my code, too. But LLM’s? It’s a hard nope for me, and there isn’t a great way to “poison” the media for them yet. I deleted my soundcloud because of LLM training.
Indeed, Jen! As a sysadmin/devop I tend to look at the technical matters of the problem. But I’m 100% on your side from the human side. Any human creative work is at risk these days due to LLM and the same governing bodies are doing less than nothing about it.
The problem with copyright is that it’s only as good as the lawyers you can afford to defend it.
Nice, slackpkg upgrade-all indeed regularly gave me aborted connections. good to know the why and thanks for all your hard work!
For all you do to help keep Slackware relevant in the modern, corporatised and somewhat fractured Linux landscape, you have my thanks.
For this post I thank you also for making sure that anybody who uses your services is informed. Many large(r) players in the game could take a leaf from your book.
re: AI/LLM, Adam Davidson-Harden at the Canadian Centre for Policy Alternatives offers some recent observations.
https://www.policyalternatives.ca/news-research/ai-is-taking-away-opportunities-for-students-to-learn-and-think/
There’s of course always going to be an element of a generation gap at play with any kind of disruptive technology. The young generation uses what’s available and does not think twice – it’s just another tool – whereas the older people know what came before and mourn what gets lost.
I experienced this myself when our math teacher told us that we would be the last generation using slide rules and he expected that pocket calculators would replace them (we’re talking 70’s of the previous century). He wailed that valuable skills would be lost and people would get lazy.
Would you be able to create a wood fire and bake a bread using the corn you harvested in the field?
How about integrating something like Anubis? https://github.com/TecharoHQ/anubis
I had looked at that, but I don’t know how Anubis will affect the use of http or https mirror servers with tools like slackpkg. It looks from the documentation that I can whitelist wget and curl tools but I don’t actually know anyone who is already deploying it.
For docs.slackware.com and http://www.slackware.com we have DDoS protection in place via Akamai but for all the slackware.nl and alienbase.nl sites that I also run, I need to look at what will work best.
First the migration to new hardware though – and then look further into DDoS mitigation if needed.
Hi.. first of all, thanks for all you’re doing for Slackware. You’re our tower in Chess.
I recommend you to use antiddos servers in order to route traffic into data servers.
More with reference to AI/LLM:
https://arstechnica.com/ai/2025/06/why-one-man-is-archiving-human-made-content-from-before-the-ai-explosion/
Also, it is probably inevitable that a service like Cloudflare will be necessary to keep the bots at bay and to guide users to *Certified_NON_AI/LLM_Content* and it should be expected that this would be a paid service, TINSTAAFL.
mentioned Cloudflare in an earlier post and so thought also to include this piece from Bruce Schneier:
https://www.schneier.com/blog/archives/2025/03/ai-data-poisoning.html
(please make sure to read the comments/replies as well!)
as an aside, will we need Snake Plissken (Escape from L.A. – 1996 – Welcome to the Human Race) to reset the planet?
It obviously explains, why I no longer cen send an email to you. My emails are rejected with the nonsense message:
host mail.cwo.com[64.57.96.4] said: 550-Your message was
rejected by this system and was not delivered. 550-Reason: Messages from
your location are rejected, identification (HELO) has no matching DNS
entry.. 550-Protection provided by: MagicMail version 5.0 550-For more
information, please visit the URL:
550-http://www.linuxmagic.com/best_practices/resolve_helo_domain.html
550-or contact your ISP or mail server operator. 550
e420e4ba-66f8-11f0-ba2c-0050568549ca (in reply to RCPT TO command)
This server is the only one in the world rejecting my emails because of smth like this.
But the problem I wished to contact you is the following: under /a an/l the are two dead entries (/a/.tmp/…) killing the mirroring process. May be you can let know about it whom it may concern.
I meant – under /a and /l in slackware64/
The error message is something which your ISP should fix. Or else if you run an independent email server, you need to fix this. The EHLO command used in MTA to MTA conversations always needs to have a FQDN as argument.
About your issue with “.tmp” entries. Which Slackware release? And which mirror server? I can not find a “.tmp” entry below slackware64/a/ or slackware64/l/ on any of my own servers, for Slackware 15.0 or -current. It might be a problem of the specific mirror server you are using.
Hi! Its on Slackware64-current, at least on the rsync.slackware.no::slackware/.
On the mail rejection – I run my server for 20+ years with almost all the bells and whistles of authenticity, but see such rejection first time.
The “slackware.no” server is not mine. I also do not know who runs it. Take it up with its admin, it looks like they have a broken mirror process.
Even after 20+ years you can have a mailserver that needs a contemporary tweak. I get emails from lot of other places and people, no prolem there.
Also, i do not run or manage slackware.com myself.
Regarding mail – I asked my friend with 30 years of admin experience in large organisation to check it. After finding no problem with my servers DNS records etc, the advice was “screw those RFC abusers at magicmail whos DNS resolver most obviously is glitchy or mis-configured”.
I would add that most likely, the very error messages is wrong because of some IP ban by geographical principle (“Impossible that the email, originating from the country bordering with russia, can be legit. Its spam at the best, but we are polite and in order to avoid doing emotional damage, provide misleading error msg”)
In my experience – from time to time some self-elected zealots pop up, who “know better” – like for example – putting bans on whole geographical region because of inability to find other solutions, or for some mental reason imagining, that legal domain name could be shorter than 3 letters before .something.
And the most moronic in this case is absolute posture “we are right and you – absolutely positively certainly wrong, therefore we wont do anything to solve the problem”. I have to point that even such behemoths like M$ and Yahoo, doing much more thorough checking and managing huge global blocklists were open for successful problem solution with their blocklist glitches.
Due to this, unfortunately for me, you are no longer in reach by email for me as there is nothing to do with my mailserver.
Again, there’s nothing I can do about your email misfortune, I do not own or run slackware.com, Pat does, and Pat also just rents facilities from CWO who provide us with MagicMail.
The error you shared has nothing to do with GEO blocking by the way.
I am also one of those “self-elected zealots”, who “know better” putting bans on whole geographical region because of inability to find other solutions. It’s what I had to do on several of my servers to stop the DDoS coming out of China mainly.
I run all of my services for free, paying for servers in datacenters and admin-ing those in my own free time, expecting nothing in return, except some respect.
Ehh those pesky dictators are lurking from behind every corner doing everything they can to limit freedoms of their populations. Poor chinese, they are soooo brainwashed slaves that they even don’t realize they are so bad
I’m so glad we have sucha brave freedom fighters as you around and sucha fantastic democracies as EU. where we can freely share our opinion, where journalism is honest free and unobstructed by the state, where state don’t brutally involve itself in lives of average citizen.
When i think about how happy is western way of life i almost cry of gratitude i was born here in this fabulous times
Then dream ends, you wake up and if you are smart enough to see you start to understand you were absolutely and profoundly wrong
And it is what i wish you today