Closed Changaco closed 4 years ago
Cloudflare has announced an improvement of their automatic DDoS detection and mitigation: https://blog.cloudflare.com/rolling-with-the-punches-shifting-attack-tactics-dropping-packets-faster-cheaper-at-the-edge/
It would be great if they went a little further and detected problematic requests even at very small scales, like a single bot degrading response times for others by sending too many high-cost requests.
How long do SEPA Direct Debits really take to settle? For the 1466 SDDs that we have successfully processed through Stripe so far, the minimum settlement time currently stands at 15 hours 51 minutes, the average is 5 days 15 hours, and the maximum is 22 days 1 hour.
ebdb=> select count(*), min(pie.timestamp - pi.ctime), max(pie.timestamp - pi.ctime), avg(pie.timestamp - pi.ctime) from payins pi join exchange_routes r on r.id = pi.route join payin_events pie on pie.payin = pi.id and pie.status = 'succeeded' where r.network = 'stripe-sdd';
count | min | max | avg
-------+-----------------+-------------------------+------------------------
1466 | 15:51:06.173706 | 22 days 01:16:54.605417 | 5 days 15:01:51.567365
(1 row)
(I computed this to respond to https://social.jesuislibre.net/@tuxicoman/103997993394310357.)
Updated query and results on September 23:
select count(*), min(value), max(value), avg(value), percentile_cont(0.5) within group (order by value) as median from (select pie.timestamp - pi.ctime as value from payins pi join exchange_routes r on r.id = pi.route join payin_events pie on pie.payin = pi.id and pie.status = 'succeeded' where r.network = 'stripe-sdd') things;
count | min | max | avg | median
-------+-----------------+--------------------------+------------------------+------------------------
2653 | 15:51:06.173706 | 121 days 06:49:31.462549 | 5 days 24:20:46.203223 | 5 days 18:50:45.104018
(1 row)
Should we had that the the FAQ? I think i would as well be good to have some rough figures about "fees" (for paypal & stripes) on the FAQ page. That's a commonly asked question.
I had to turn on Cloudflare's “Under Attack” mode yesterday to block a DDoS.
This is sad but it would be a good point if we could oppose to this news that Liberapay team income stay stable or even since the confinement! 😉
Well... it can probably be defended as technically true, but LiberaPay, it's a few euros' worth of donation. Even @Changaco doesn't have the equivalent of a real take-home paycheck. Whereas at patreon, they were (probably) real salaries, with social contributions, right to unemployment, paid holidays, and all the rest. So, even if it seems funny and attractive to "make fun of a competitor", it doesn't stand the real comparison.
I agree.
Someone seems to be trying to harm Liberapay by creating lots of empty accounts. As a partial and temporary mitigation I've blacklisted the email domains comcast.net, verizon.net and cox.net.
Good job :+1: If you need some help, let us know.
https://todon.nl/@lexane/104225266406882518
I want to sign up for #Liberapay for my writing, but I feel like I would have to explain to every single person that no, they're not required to donate weekly. So, probably going to stay on Patreon where donations are very obviously monthly. My readers do not have enough money to donate every week and will quit the page when they see the "X€ weekly" bit.
As I was looking around the Cloudflare dashboard I found a beta “Certificate Transparency Monitoring” feature, so I enabled it.
Another example of open financials: https://www.bannerbear.com/open/
Email from Stripe:
Hello,
We’re reaching out to notify you of an issue where some SEPA Direct Debit payments created between May 25th and June 1st are in a ‘pending’ state for longer than the expected average duration of 5 business days.
We understand the impact this can have on your business and are working urgently to get the transactions into a ‘paid’ status as quickly as possible.
We’re sorry for the inconvenience here. We will keep you posted with updates as they become available.
– The Stripe Team
Stripe now supports direct debits of UK bank accounts, but this payment method is only available to businesses based in the UK, so we can't add it. https://stripe.com/payments/bacs-debit
Email from GitHub:
Subject: [GitHub] At 80% of Git LFS data quota for liberapay
We wanted to let you know that you’ve used 80% of your data plan for Git LFS on the organization liberapay. No immediate action is necessary, but you might want to consider purchasing additional data packs to cover your bandwidth and storage usage:
https://github.com/organizations/liberapay/billing/data/upgrade
Current usage as of 11 Jun 2020 04:42PM UTC:
Bandwidth: 0.8 GB / 1 GB (80%) Storage: 0.01 GB / 1 GB (1%)
Stripe now supports direct debits of Australian bank accounts, but this payment method is only available to businesses based in Australia. https://stripe.com/docs/payments/au-becs-debit
The dispute rules seem to be very problematic:
For up to 7 years, a customer can dispute a debit payment on their account through their bank on a “no questions asked” basis.
Someone seems to be trying to harm Liberapay by creating lots of empty accounts. As a partial and temporary mitigation I've blacklisted the email domains comcast.net, verizon.net and cox.net.
I've dropped the blacklisting of email domains, which was beginning to inconvenience users. Instead Cloudflare is now configured to challenge the account creation requests. This is still only a temporary solution and may cause other problems.
This is Liberapay's quarterly "what's up?" thread. Previous: #344.