still need to write those caddyserver rules to block browser UAs from server-to-server APIs and vice versa
Also block default UAs from libraries
browser UAs are incredibly simple because they all still use "Mozilla/5.0" in the beginning
default library UAs are a bit harder, since I need to collect them
Instance run by a non-profit association, with a mission to encourage an open internet, welcoming to everyone.