exerinity


Redsky is shutting down

25 September 2025 - My Bluesky app, Redsky, is shutting down.

Start speech

Redsky, my privacy-focused read-only viewer for Bluesky, is shutting down. The reason is aggressive and malicious scraping activity that has overtaken the service. Over the past month, Redsky has received millions of requests targeted almost exclusively at user profile pages, while core browsing features like the feed have been accessed only a handful of times. Further, if an app like this was truly, organically, this popular, my own profile would've recieved at least one extra follower, but it didn't. In the last five minutes alone (at the time of writing this), there were over 400 profile requests, which is not human traffic by any stretch. This kind of automated scraping isn't casual or harmless; it's systematic, high-volume data harvesting at scale, and it completely changes the nature of what Redsky is being used for, and goes against its own ethos.

Initially, when I saw these big numbers, I was stoked. I thought something of mine finally caught on, so I thanked the void on Bluesky.

whoa, 300 000 requests to Redsky in the past 24 hours, thanks bros <3

— exerinity (@exerinity.dev) September 19, 2025 at 10:57 PM

However, I did some deeper investigation. As in, scrolling further down the metrics page on the Cloudflare Dashboard.

Requests vs Subrequests graph

5 million requests with 9 million subrequests in the last 30 days. Normal usage doesn't look like this; it's the signature of automated systems crawling constantly.

To be clear: Redsky was never designed to be a bulk data firehose. It was meant as a lightweight, privacy-respecting, read-only frontend for people who couldn't or didn't want to use the official, JavaScript-heavy client. It was supposed to help individuals: people on low-end devices, those behind censorship, privacy-conscious users, and yes, even small-scale scrapers who might archive a timeline or grab a few posts. What I've seen instead is the exact opposite of that. Almost all of the traffic is automated, and it's aggressively targeted.

Feed requests chart showing no usage

The /feed endpoint - which real users would normally hit constantly - has no requests. The bots have no interest in browsing; they're only after raw user data.

User profiles overwhelming requests chart

User profile endpoints, on the other hand, have been hammered with millions of requests. This is not people reading posts - this is large-scale harvesting of account data.

Technically, the service never broke under this load. It's just a Cloudflare Worker, and I have Workers Paid. Redsky handled it fine, with CPU and wall times staying low. But that's the problem: it was efficient enough that abusers could vacuum up data smoothly at scale. This makes Redsky scrape-friendly in the wrong way - not for respectful use, but for weaponized collection.

CPU and request duration graph

CPU time, wall time, and request duration stayed consistently low. The abuse was about quietly and efficiently siphoning data.

I didn't want to shut it down. I genuinely regret having to take this step, and I'm sorry to anyone who relied on Redsky for its original purpose, if anyone even did, which I highly doubt. This wasn't a decision I took lightly. But I also refuse to provide a free, unprotected pipeline for malicious scrapers. I do not support aggressive scraping - I fucking hate it - and I can't let Redsky continue operating if it's being abused in this way.

Bluesky's official web app doesn't work at all unless you have JavaScript enabled. Redsky existed for people who wanted a simpler, no-JS alternative: folks on low-end devices, privacy freaks, people behind censorship, and yes, sometimes low-traffic bots and scrapers, like Discord bots. It was read-only, completely anonymous, and logins were never supported - nor would they ever be.

Redsky was inspired by projects like Invidious and Nitter, which take a similar approach to YouTube and Twitter. The key distinction: Redsky had no JavaScript at all. Just pure HTML pages, light and fast.

I wish Redsky could have continued in the spirit it was built - simple, transparent, and respectful. But right now, the way it's being used undermines that. Thank you to everyone who used and appreciated it for what it was meant to be.

Sure, I could put up a fight, try to block the bad actors, but you bite one head off, and thirty more grow back. "Fighting back" would also probably require JavaScript, which undermines the entire purpose of Redsky: NO JAVASCRIPT.

And most importantly, I am truly sorry to anyone, if anyone, who had their data end up in the hands of these bad actors because of Redsky.

Part of a series on Redsky: