Much better than cludflare and Google recapha
this post was submitted on 28 Apr 2026
564 points (95.9% liked)
memes
21060 readers
2174 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads/AI Slop
No advertisements or spam. This is an instance rule and the only way to live. We also consider AI slop to be spam in this community and is subject to removal.
A collection of some classic Lemmy memes for your enjoyment
Sister communities
- !tenforward@lemmy.world : Star Trek memes, chat and shitposts
- !lemmyshitpost@lemmy.world : Lemmy Shitposts, anything and everything goes.
- !linuxmemes@lemmy.world : Linux themed memes
- !comicstrips@lemmy.world : for those who love comic stories.
founded 2 years ago
MODERATORS
Looks way better than half the ads I normally see.
I am skeptical about the real level of protection that Anubis really provides.
At the end is an automated test. Meaning that any machine could easily solve it.
Most "attackers" wont bother solving it because they don't really care. But if they would want they could. It's sort of protection by obscurity.
The more Anubis it's used the more we see attacks that actually equip a way to solve the challenges. Then is when Anubis up the challenge and the battle begin, between how much can Anubis up the challenge so normal users can still browse and how much cost the attacker is willing to eat.
Giving that these attackers tend to have high budgets I'm not that certain about its actual capabilities to reject a targeted ddos.
As for crawling for big data. I do think that it does nothing here. Companies willing yo scrape big amounts of data, for AI training or other purposes, have massive budgets and the electricity cost of solving the JavaScript challenges become nothing in comparison. They also doesn't need ro deny the service so they could spread the scrape to keep the challenge low reducing the cost even more.
Once again, positive results we currently see in practice I believe that are caused just because most scrappers and ddos attackers are just blindly attacking and doesn't really equip themselves for Anubis. Protection by obscurity. But a well equiped attacker I don't think it would have that much trouble getting past it, specially for scrapping, or other type of bot attacks that could be slowed down.
You're right, although my understanding is that there are a lot of poorly implemented scrapers for AI services unintentionally DDoSing websites with requests, so Anubis is more of a mitigation against those.
Yeah, seems like the problem is that fundamentally it could work by upping the difficulty a smidge making it then meaningfully expensive, but the spread between slowest edge device and high end means it's impossible to chase that difficulty without screwing over low end device users..
Still better than this
Both have different purposes.
The Anubis challenge could be easily and cheapely solved by any JavaScript engine. It only becomes expensive for a massive number of petitions.
If for instance you would want to register a few thousand emails in a forum anubis is not going to stop anyone.
In fact I'm sceptical about really having an impact. As even when the challenge goes up in difficulty is not that expensive compared with all other cost related to these kinds of attacks or massive scrapes.
My suspicion is that most websites using Anubis see a positive impact because most crawlers and probers doesn't take into account Anubis, so they don't even attach a way to solve the challenge and they directly go into the "rejected by anubis" bucket. But any targeted attack I suppose would pass easily, either by doing a slow attack not to up the challenge very much, or just eating the cost. Imagine an AI company that using nuclear plants for training data, the cost of solving a few million JavaScript challenges is nothing in comparison.
As a DDOS mitigation it helps, but once again it's just a matter of eating the cost by the attacker. And the attack will still deny some service as the challenge go up and new legit users would also need to solve harder challenges.
Perry the platypus?
load more comments
(1 replies)
+1 Anubis, cloudflare can suck mai balls
Her face is the response to years of enshittification; without her, the modern browsing experience would suck much harder. Glory to Anubis!
If you're going to increase my compute to access your site, at least give me a crypto token that may or may not be worth anything
Anubis is open source, self-hosted, doesn't block me just because I use a VPN and the later versions work even with JavaScript disabled!
Fuck Cloudflare, long live Anubis!
load more comments
(6 replies)
I much prefer to see Anubis rather than some bullshit captcha with a grid of AI generated slop that requires 30 clicks to pass.
(Not so) fun fact: The Anubis image is itself AI slop
https://github.com/TecharoHQ/anubis/commit/3e9a93f629e9c5a69bd7fcd6613d27ce9f5231f9
The repo credits a real artist for the anubis image
https://github.com/TecharoHQ/anubis/blob/main/web/static/img/ATTRIBUTIONS.txt
I've read somewhere the main dev has comissioned an artist to redo the Anubis mascot.
You mean 30 clicks before it tells you to "please try again" for no reason.
"Prove that you're human by solving these machine-generated puzzles that machines can solve to give us more data to train our machines, while we run a simple script in the background to verify that you're human based on your browser's metadata."
I had a captcha a few days ago that was something like "click on all the pictures that go with this" with a picture of a saucepan and the grid was food items and other things.
I pointed my phone at it and asked Gemini and almost instantly it said "the potato in the top left and the carrots look the middle of the bottom row".
While I despise the captchas from a human perspective, the fact that an LLM can solve the challenge isn't a deal breaker. It doesn't need to be impossible for a non-human to solve, it just has to be too expensive.
It does certainly shift the equation to stuff like proof of work since a computer can solve it anyway, might as well not annoy the human.
load more comments
(2 replies)
load more comments
(1 replies)
your blog does not need an anime girl web ai firewall utility
it kinda does when the web is being scraped by bots to fuel the LLMs
ok!
Unfortunately, yes it does. Unless I want it to collapse regularly.
Watch out, you'll anger the hive mind.
I don't mind the second it takes. Better than the service going down because of AI bots.
Actually the opposite for me - I love to see her for a second, brightens the day a bit, fights the evil megacorps.
-AAAnubis-chan
Or cloudflare. Fuck cloudflare.
load more comments
(1 replies)
I love how toxic she is to corporate professionalism.
Its also perfect marketing, the software is free with the mascot hardcoded in. The official way to change it is to contribute to get an enterprise version.
The code is MIT licensed, what's preventing you from just removing the logo/changing it with something else....
Nothing but them respectfully asking not to do this, pointing out that they will help you do it if you pay a contribution.
load more comments
(7 replies)
plus, Cloudflare Turnslide. (i also see it equally as much)
I've seen this briefly pop up while looking up linux stuff online recently. Wondered what it was, thank you Lemmy community for some enlightenment!
Take this over cloudflare any day of the week
What am I missing to understand this? What is Anubis?
Beloved anti scraping/ddos tool
view more: next ›