Second Anubis, just finished by setup yesterday i have it of a oracle cloud frre tier vps, which depending on the domain routes the traffic to services hosted on the vps itself or to my server ar home.
Relatively easy to setup, blocks most requests with very few false positives (one of which for example it would aggressively challenge by thunderbird trying to reach my baikal instance). I set a bit more aggresive rules than default (i also block googlebot and bingbot, since i received a bit more requests than I’d like). In like 10 hours it straight up denied about 5000 requests from the ai-catchall ruleset (mostly amazonbot) and challenged about 10000, mostly from a block of IPs in singapore, some of the hosts having the user agent of a Macintosh with PowerPC. They all sure love to explore the public repos on my git server.
I’m in the process of changing servers for an upgrade, the old one still hosting more services while I setup the new one. The old one now does run audibly quiter. I don’t even want to think how much electricity went wasted because of those bots
You probably don’t need me to tell you, but keep good backups. Friend of mine recently had his account nuked without any reason given, and without the possibility of recourse.
That’s too bad. Luckily i keep just a couple of docker compose stacks there. But I should start backing them up, that vps is the only thing I don’t backup
I have a dumb question… what is preventing the crawlers from just eating the shit and just burn though the energy to get through the computational task?
It’ll still slow them down and reduce load on your server. I also think many of these crawlers focus on volume; time spent computing the hash is time not spent crawling someone else’s site.
I’ve seen people suggesting and using Anubis, haven’t used it myself though.
I especially love the irony of Anubis using yesterday’s hype thing to combat today’s.
i tried Anubis and it works great the only issue is it wont support multiple subdomains
Second Anubis, just finished by setup yesterday i have it of a oracle cloud frre tier vps, which depending on the domain routes the traffic to services hosted on the vps itself or to my server ar home. Relatively easy to setup, blocks most requests with very few false positives (one of which for example it would aggressively challenge by thunderbird trying to reach my baikal instance). I set a bit more aggresive rules than default (i also block googlebot and bingbot, since i received a bit more requests than I’d like). In like 10 hours it straight up denied about 5000 requests from the ai-catchall ruleset (mostly amazonbot) and challenged about 10000, mostly from a block of IPs in singapore, some of the hosts having the user agent of a Macintosh with PowerPC. They all sure love to explore the public repos on my git server.
I’m in the process of changing servers for an upgrade, the old one still hosting more services while I setup the new one. The old one now does run audibly quiter. I don’t even want to think how much electricity went wasted because of those bots
You probably don’t need me to tell you, but keep good backups. Friend of mine recently had his account nuked without any reason given, and without the possibility of recourse.
as I heard that’s pretty common at oracle, but it’s good to spread the word
That’s too bad. Luckily i keep just a couple of docker compose stacks there. But I should start backing them up, that vps is the only thing I don’t backup
I’ve had trouble with it using a vpn and privacy browsers. It often blocks me until I use a default browser.
I have a dumb question… what is preventing the crawlers from just eating the shit and just burn though the energy to get through the computational task?
It’ll still slow them down and reduce load on your server. I also think many of these crawlers focus on volume; time spent computing the hash is time not spent crawling someone else’s site.
I was going to recommend that, very easy to setup