Well, the analysis and mitigation is ongoing, and in the process of that I found another ... thing. The verdict is still out on this being a case of a rampant running CI, or some weird VPN endpoint, or something evil. The traffic from the cloud IP I found was definitely organic, but still had some issues and also was too short lived per instance identifier.

Nuked everything from that source. Goodbye 100k instances 😢

Shitty week, really. And still not done with analysis and mitigation.

Well. FFS 😡 Even more manipulation. Spent the whole day analysing again, compiled a report, confronted Obico about it and they admitted it. Will post about that on the OctoPrint blog tomorrow. I have no energy left today.

https://obico.io/blog/2024/07/03/my-apologies-for-the-mistake/

Just did a round on the punching bag, with Limp Bizkit's "Break Stuff" blasting from the sound system.

Doesn't solve this of course, but at least the adrenaline is out of my system again. I can seriously not recommend it enough to have a punching bag in your office... And that's not a joke. I literally have that.

And here's my post on round two of the shitshow that's been keeping me busy for the past week.

I just hope that's it for now, I'm completely and utterly drained by this, both emotionally and physically.

As a consequence of all of this, we've decided that commercial plugins will no longer get their stats tracked publicly, among some other consequences, effective as soon as I can implement the necessary filtering on the stats data exports.

https://octoprint.org/blog/2024/07/04/more-stats-manipulation/