-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crafatar.com spammed with bogus requests #318
Comments
I also have the same issue with it we just have to wait for the service to be back up again. |
Thanks for reporting this. The server seems to be down, I have contacted the hosting provider to bring it back up. |
Any news on this? |
They haven't replied to the ticket yet |
you should change the host D: |
So is this abandoned? @jomo |
The hosting provider restarted the VM and crafatar came back, but apparently it went down again. Unfortunately only the hosting provider can restart the VM, I've asked them again and will try to monitor the situation as soon as possible.
They have hosted crafatar.com for free for almost a decade and only ever asked for their link and logo on the website. They replied in <24 hours, which is quite good for a 0.00 € tier.
While I don't plan to continue active development on the software, I haven't abandoned running the crafatar.com service. I don't run this for profit, crafatar.com has been free software and ad-free since forever and all expenses are paid by myself. As such, running the service is not the top priority in my life and I'm not a team of SREs waiting 24/7 to handle any incidents. If anyone relies on the availability of crafatar.com, please DM me if you're interested in a paid SLA. Alternatively, you can easily host a private or public instance of crafatar. hmu if you commit to running a public instance long-term, then I can add it to the README. |
Some IPs are requesting several bogus requests per second with obviously wrong UUIDs, causing a lot of uncached request hits that are then cached, and causing a lot of unnecessary traffic. The requests only identify as a Java version, so they seem to be coming off some kind of Java application. I'm trying to redirect some of those requests here. If you know what's causing these requests, please let me know. |
In other news, crafatar.com currently seems to be stable. I hope it stays that way for a while. |
@jomo not 100% sure if this is related to what you're saying, but I thought it'd be worth mentioning: a lot of Tebex stores for Minecraft servers have themes that use crafatar URLs with UUIDs. The problem is that Tebex now just generate a random UUID ever since most stores are now "offline mode" in order to support bedrock users. I just noticed this on my store and got forwarded here. Hope that explains why you're probably getting a lot of invalid UUID requests! |
Checked our forum logs, we use MineSync which is an addon for Xenforo. It also uses Crafatar to fetch avatars for users according to their username. We use Geyser to support bedrock players, this means the UUID it's parsing to fetch the avatar is invalid. I imagine there are other applications like this exhibiting similar behaviour - hope this helps. :) |
The Crafatar API returns a 521 error code, or sometimes shows a Heroku error.
This is very unfortunate because recently we switched from mcheads to Crafatar for our game launcher, and having this occur within a week is making me lose confidence in the service.
The text was updated successfully, but these errors were encountered: