liberapay / salon

Liberapay's salon, where the discussions that don't belong elsewhere take place
22 stars 3 forks source link

Watercooler - Q2 2020 #362

Closed Changaco closed 4 years ago

Changaco commented 4 years ago

This is Liberapay's quarterly "what's up?" thread. Previous: #344.

Changaco commented 4 years ago

Cloudflare has announced an improvement of their automatic DDoS detection and mitigation: https://blog.cloudflare.com/rolling-with-the-punches-shifting-attack-tactics-dropping-packets-faster-cheaper-at-the-edge/

It would be great if they went a little further and detected problematic requests even at very small scales, like a single bot degrading response times for others by sending too many high-cost requests.

Changaco commented 4 years ago

How long do SEPA Direct Debits really take to settle? For the 1466 SDDs that we have successfully processed through Stripe so far, the minimum settlement time currently stands at 15 hours 51 minutes, the average is 5 days 15 hours, and the maximum is 22 days 1 hour.

ebdb=> select count(*), min(pie.timestamp - pi.ctime), max(pie.timestamp - pi.ctime), avg(pie.timestamp - pi.ctime) from payins pi join exchange_routes r on r.id = pi.route join payin_events pie on pie.payin = pi.id and pie.status = 'succeeded' where r.network = 'stripe-sdd';
 count |       min       |           max           |          avg           
-------+-----------------+-------------------------+------------------------
  1466 | 15:51:06.173706 | 22 days 01:16:54.605417 | 5 days 15:01:51.567365
(1 row)

(I computed this to respond to https://social.jesuislibre.net/@tuxicoman/103997993394310357.)

Updated query and results on September 23:

select count(*), min(value), max(value), avg(value), percentile_cont(0.5) within group (order by value) as median from (select pie.timestamp - pi.ctime as value from payins pi join exchange_routes r on r.id = pi.route join payin_events pie on pie.payin = pi.id and pie.status = 'succeeded' where r.network = 'stripe-sdd') things;
 count |       min       |           max            |          avg           |         median         
-------+-----------------+--------------------------+------------------------+------------------------
  2653 | 15:51:06.173706 | 121 days 06:49:31.462549 | 5 days 24:20:46.203223 | 5 days 18:50:45.104018
(1 row)
trebmuh commented 4 years ago

Should we had that the the FAQ? I think i would as well be good to have some rough figures about "fees" (for paypal & stripes) on the FAQ page. That's a commonly asked question.

Changaco commented 4 years ago

@trebmuh https://github.com/liberapay/liberapay.com/issues/1743 and https://github.com/liberapay/liberapay.com/issues/346

Changaco commented 4 years ago

I had to turn on Cloudflare's “Under Attack” mode yesterday to block a DDoS.

Screenshot of Cloudflare dashboard page showing the number of requests in the last 24 hours

Screenshot of Cloudflare dashboard page showing the bandwidth usage in the last 24 hours

Screenshot of Cloudflare dashboard page showing the number of unique IP addresses seen in the last 24 hours

Changaco commented 4 years ago

Patreon lays off 13% of workforce | Hacker News

MartinDelille commented 4 years ago

This is sad but it would be a good point if we could oppose to this news that Liberapay team income stay stable or even since the confinement! 😉

trebmuh commented 4 years ago

Well... it can probably be defended as technically true, but LiberaPay, it's a few euros' worth of donation. Even @Changaco doesn't have the equivalent of a real take-home paycheck. Whereas at patreon, they were (probably) real salaries, with social contributions, right to unemployment, paid holidays, and all the rest. So, even if it seems funny and attractive to "make fun of a competitor", it doesn't stand the real comparison.

MartinDelille commented 4 years ago

I agree.

Changaco commented 4 years ago

Updates to Stripe's advanced fraud detection

Changaco commented 4 years ago

Someone seems to be trying to harm Liberapay by creating lots of empty accounts. As a partial and temporary mitigation I've blacklisted the email domains comcast.net, verizon.net and cox.net.

trebmuh commented 4 years ago

Good job :+1: If you need some help, let us know.

Changaco commented 4 years ago

https://todon.nl/@lexane/104225266406882518

I want to sign up for #Liberapay for my writing, but I feel like I would have to explain to every single person that no, they're not required to donate weekly. So, probably going to stay on Patreon where donations are very obviously monthly. My readers do not have enough money to donate every week and will quit the page when they see the "X€ weekly" bit.

Changaco commented 4 years ago

Expanding support for JCB payments

Changaco commented 4 years ago

Stripe launches in five more European countries

Changaco commented 4 years ago

As I was looking around the Cloudflare dashboard I found a beta “Certificate Transparency Monitoring” feature, so I enabled it.

Screenshot of the “Certificate Transparency Monitoring” box of the Cloudflare dashboard, with the help text visible

mattbk commented 4 years ago

Another example of open financials: https://www.bannerbear.com/open/

Changaco commented 4 years ago

Email from Stripe:

Hello,

We’re reaching out to notify you of an issue where some SEPA Direct Debit payments created between May 25th and June 1st are in a ‘pending’ state for longer than the expected average duration of 5 business days.

We understand the impact this can have on your business and are working urgently to get the transactions into a ‘paid’ status as quickly as possible.

We’re sorry for the inconvenience here. We will keep you posted with updates as they become available.

– The Stripe Team

Changaco commented 4 years ago

Stripe now supports direct debits of UK bank accounts, but this payment method is only available to businesses based in the UK, so we can't add it. https://stripe.com/payments/bacs-debit

Changaco commented 4 years ago

Email from GitHub:

Subject: [GitHub] At 80% of Git LFS data quota for liberapay

We wanted to let you know that you’ve used 80% of your data plan for Git LFS on the organization liberapay. No immediate action is necessary, but you might want to consider purchasing additional data packs to cover your bandwidth and storage usage:

https://github.com/organizations/liberapay/billing/data/upgrade

Current usage as of 11 Jun 2020 04:42PM UTC:

Bandwidth: 0.8 GB / 1 GB (80%) Storage: 0.01 GB / 1 GB (1%)

Changaco commented 4 years ago

Stripe now supports direct debits of Australian bank accounts, but this payment method is only available to businesses based in Australia. https://stripe.com/docs/payments/au-becs-debit

The dispute rules seem to be very problematic:

For up to 7 years, a customer can dispute a debit payment on their account through their bank on a “no questions asked” basis.

Changaco commented 4 years ago

https://mastodon.xyz/@Liberapay/104414867554637676

Changaco commented 4 years ago

Someone seems to be trying to harm Liberapay by creating lots of empty accounts. As a partial and temporary mitigation I've blacklisted the email domains comcast.net, verizon.net and cox.net.

I've dropped the blacklisting of email domains, which was beginning to inconvenience users. Instead Cloudflare is now configured to challenge the account creation requests. This is still only a temporary solution and may cause other problems.