@pwm yeah how im doing this definitely isn't sustainable. i'm evaluating ways i can keep it public but also limit access. i wish it was as easy of just setting up an oauth login for poast users but others use it too. even people not on fedi and i feel bad cutting them off to deal with some shitty people. blocking entire ranges is fine for now but people get caught in the crossfire (and iptables/nginx have limits to the amount of IPs they store 'in memory')
this weekend I'm going to tear everything out as far as blocks and stuff are concerned and do it a little more elegantly. it's a lot of work but hopefully in the long run it'll be manageable enough