Drunk & Root@sh.itjust.works to Selfhosted@lemmy.worldEnglish · 2 days agoHow to combat large amounts of Ai scrapersmessage-squaremessage-square52fedilinkarrow-up1115arrow-down15file-text
arrow-up1110arrow-down1message-squareHow to combat large amounts of Ai scrapersDrunk & Root@sh.itjust.works to Selfhosted@lemmy.worldEnglish · 2 days agomessage-square52fedilinkfile-text
everytime i check nginx logs its more scrapers then i can count and i could not find any good open source solutions
minus-squaredaniskarma@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up4·edit-28 hours agoHow do you know it’s “AI” scrappers? I’ve have my server up before AI was a thing. It’s totally normal to get thousands of bot hits and to get scraped. I use crowdsec to mitigate it. But you will always get bot hits.
minus-squareDrunk & Root@sh.itjust.worksOPlinkfedilinkEnglisharrow-up1·2 hours agobot hits i dont care my issue is when i see the same ip querying every file on 3 resource intensive sites millions of times
minus-squaredaniskarma@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up1·edit-257 minutes agoDo you have a proper robots.txt file? Do they do weird things like invalid url, invalid post tries? Weird user agents? Millions of times by the same ip sound much more like vulnerability proving than crawler. If that’s the case fail to ban or crowdsec. Should be easy to set up a rule to ban an inhumane number of hits per second on certain resources.
minus-squareDrunk & Root@sh.itjust.worksOPlinkfedilinkEnglisharrow-up1·26 minutes agosince its the frontends i run getting scraped its the robots.txt included there
minus-squareSheldan@lemmy.worldlinkfedilinkEnglisharrow-up2·6 hours agoSome of them are at least honest and have it as a user agent.
minus-squarekrakenfury@lemmy.sdf.orglinkfedilinkEnglisharrow-up2arrow-down1·5 hours agoIs ignoring robots.txt considered “honest”?
minus-squareSheldan@lemmy.worldlinkfedilinkEnglisharrow-up1·3 hours agoThat’s not what I was talking about
How do you know it’s “AI” scrappers?
I’ve have my server up before AI was a thing.
It’s totally normal to get thousands of bot hits and to get scraped.
I use crowdsec to mitigate it. But you will always get bot hits.
bot hits i dont care my issue is when i see the same ip querying every file on 3 resource intensive sites millions of times
Do you have a proper robots.txt file?
Do they do weird things like invalid url, invalid post tries? Weird user agents?
Millions of times by the same ip sound much more like vulnerability proving than crawler.
If that’s the case fail to ban or crowdsec. Should be easy to set up a rule to ban an inhumane number of hits per second on certain resources.
since its the frontends i run getting scraped its the robots.txt included there
Some of them are at least honest and have it as a user agent.
Is ignoring robots.txt considered “honest”?
That’s not what I was talking about