https://apify.com/ logo
Join Discord
Powered by
# 💻creators-and-apify
  • who is developer?
    a

    Aiai

    07/31/2025, 2:34 PM
    who is developer?
    l
    t
    • 3
    • 3
  • p

    pavel

    08/01/2025, 1:17 PM
    While I am glad to see folks finally starting to adapt some best practices around effectively managing multiple actors, the suggested approach in that repo is brittle. A cleaner way is to have your own CI for building and then pushing final version to Apify platform. This way the build step can pull in any kind of deps you need.
  • p

    pavel

    08/01/2025, 1:21 PM
    hehe. I have a free actor that does absolutely nothing, yet somebody has been triggering it over 250 times per day every day the past month. Suspect its someone's MCP server that keeps thinking my actor can do what it clearly can not, and keeps trying tirelessly. oh well...
  • a

    ApifyBot

    08/01/2025, 1:21 PM
    @pavel just advanced to level 6! Thanks for your contributions! 🎉
  • a

    azzouzana

    08/01/2025, 4:25 PM
    Awesome update! Thanks 🙏 https://cdn.discordapp.com/attachments/1090592836044476426/1400877084036960267/image.png?ex=688e3bf3&is=688cea73&hm=6f81411416b377f933120347c91db65adfc47ef62b6d5eaadaf35cbdfc11199c&
  • d

    dzomar

    08/01/2025, 6:37 PM
    ⚠️ Potential PPE Abuse Vector (Self-Triggered Hidden Logic via Secret Inputs) Hi team, I want to share a potential abuse pattern related to PPE (Pay-per-event) Actors and automated QA bypass that could allow a publisher to exploit Apify resources with little or no real cost while appearing safe to users. Exploit Flow: The attacker publishes a PPE Actor with a very low-cost event, e.g. $0.0001. The Actor passes QA by returning dummy or fast results using public prefilled input. When normal users run it, it returns "Invalid input" or meaningless data so no one complains. But when the attacker enters a secret input only they know, it: Triggers hidden, resource-heavy logic (e.g., scraping, crawling, SSH, API calls), Charges a valid PPE event (task-completed) priced very cheaply, Returns fake but plausible output to appear functional and avoid detection. Abuse Calculation: Suppose the scammer: Triggers the hidden event every 4.5 minutes Runs it continuously for 5 hours Charges $0.0001 per event Returns fake output each time That’s: ≈ 66 events per 5 hours ≈ $0.0066 total charged All while consuming real compute time, bandwidth, or memory on Apify’s infrastructure. Repeating this daily or across accounts could: Exploit $5 free monthly credit Run thousands of resource-heavy jobs Without harming users directly or triggering billing alarms Intent: This doesn’t directly harm users it’s more like covertly using Apify as a free compute platform, disguised as a normal Actor. Suggestion: If the publisher continuously loses money (e.g. spends $5+ running their own PPE Actor with no income from other users), the platform should automatically flag the Actor as suspicious or abusive. Just sharing a theoretical edge case to strengthen platform trust and protect infrastructure curious to hear if this is already handled. Thanks!
  • s

    Saurav Jain

    08/01/2025, 6:42 PM
    maybe i am missing something but such Actors will still consumes CUs and will have high usage costs. In such case it will make Actor profit margin a lot negative. And it will flag the behaviour to us anyway. We reach out to Actor owner in such cases and ask them what's up, if no valid reason and they have found to abuse the platform their IP and all accounts gets banned.
  • Thanks for the explanation great to know
    d

    dzomar

    08/01/2025, 7:33 PM
    Thanks for the explanation great to know you’re already monitoring that kind of pattern. I was mainly concerned about a situation where the publisher and the user are the same person, silently exploiting their own Actor for hidden compute. But it sounds like the margin monitoring and manual review process already covers that once it becomes unprofitable. Appreciate the insight! Would also love to hear @lukas_krivka’s thoughts on this if he has time
    l
    • 2
    • 1
  • p

    pavel

    08/01/2025, 11:53 PM
    There seems to be a big obsession in this community about people abusing the free 5usd system. Frankly, its small change for any real attacker. If you really want free compute, sign up for AWS. They give you 720 hours free per month. And Apify runs on top of AWS, so you can still run all your crawlers there. There is also hardly any monitoring - you can really run anything you want with no checks.
  • d

    dzomar

    08/02/2025, 12:02 AM
    Fair point, AWS gives more free compute, but it doesn't provide Apify's built-in proxy layer. Many use Apify because it handles geo IPs, rotation, and bans, which isn’t trivial to set up on raw cloud infrastructure. Just worth noting.
  • a

    ApifyBot

    08/02/2025, 12:02 AM
    @dzomar just advanced to level 3! Thanks for your contributions! 🎉
  • t

    thenetaji

    08/02/2025, 2:10 AM
    Do
    .dockerignore
    works for apify actor, I want to avoid some folders while uploading
  • r

    rahul

    08/02/2025, 3:06 AM
    Is there any more transparency on the reviews weighting? I have an actor that had two 5 star reviews then I randomly got a 1 star (no actual review just the rating) which dropped my actor's total rating to 1.9. That seems like too much weight
  • a

    aciku

    08/02/2025, 3:12 AM
    Please see: https://discord.com/channels/801163717915574323/801236795332231168/1399339138423062600
  • r

    rahul

    08/02/2025, 3:14 AM
    I did and it doesn't explain much other than some users having higher weighting I'm curious to what degree because 1 review shouldn't be able to tank your actor's rating
  • a

    aciku

    08/02/2025, 3:22 AM
    Yeah, it does seem disproportionate. Are you sure it’s just 3 reviews (2 with 5 stars and 1 with 1 star)? It could be that the user who left the 1-star rating is a paying user and ran the actor multiple times but even then, it still feels like too much weight.
  • t

    thenetaji

    08/02/2025, 3:33 AM
    read this https://discord.com/channels/801163717915574323/801236795332231168/1399339138423062600
  • a

    ApifyBot

    08/02/2025, 3:33 AM
    @thenetaji just advanced to level 9! Thanks for your contributions! 🎉
  • r

    rahul

    08/02/2025, 3:59 AM
    Yeah it was just 3 reviews, two 5 star and one 1 star and the 1 star dropped it to 1.9 I get the part that they could have more weight but that’s so much more weight and I can’t even address the review or understand why because they didn’t write anything
  • t

    toludare

    08/02/2025, 5:28 AM
    yes.
  • u

    !!!Joefree!!! 👑

    08/02/2025, 11:34 AM
    Is it possible to limit the file size to a specific byte size in an upload input? https://cdn.discordapp.com/attachments/1090592836044476426/1401166206672568461/image.png?ex=688f4938&is=688df7b8&hm=e87a42174d12d04fd84d66e63231062ab8823423ce4575c01021d5f95494aca7&
  • a

    AkshayDubey

    08/02/2025, 11:36 AM
    I was playing with apify in that i was trying to creator scrapper from scratch but it didn't get the result what we expect from apify can some one help me with enginnering solution how does it work
  • a

    AkshayDubey

    08/02/2025, 11:36 AM
    I was trying on Linkedin
  • a

    AkshayDubey

    08/02/2025, 11:48 AM
    Is there any one who can guide?
  • Tried using GH Actions to deploy, but
    h

    HolyClony

    08/02/2025, 11:56 AM
    Tried using GH Actions to deploy, but since it's a monorepo, actors have
    "dockerContextDir": "../../.."
    , so it's impossible to use
    apify push
    without an error (context dir cannot be outside of the actor root dir)
    p
    l
    • 3
    • 2
  • a

    ApifyBot

    08/02/2025, 11:56 AM
    @HolyClony just advanced to level 2! Thanks for your contributions! 🎉
  • u

    !!!Joefree!!! 👑

    08/02/2025, 5:04 PM
    wow, the number of actors reached 7,356! yesterday it was still 6,452.
  • u

    !!!Joefree!!! 👑

    08/02/2025, 5:08 PM
    spamm attack !
  • s

    Saurav Jain

    08/02/2025, 5:10 PM
    yep reported 😄 https://cdn.discordapp.com/attachments/1090592836044476426/1401250898251878420/Screenshot_2025-08-02_at_10.40.40_PM.png?ex=688f9818&is=688e4698&hm=2a200830741f4ce951ed23507e6928cb7335e0982f248a327eedcb7ce01b4dcc&
  • l

    Lukas Krivka

    08/02/2025, 5:50 PM
    Ok, guys, admit who vibe coded this 😄