Path: ...!3.eu.feeder.erje.net!2.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Don Y <blockedofcourse@foo.invalid>
Newsgroups: sci.electronics.design
Subject: Re: Chinese downloads overloading my website
Date: Wed, 13 Mar 2024 16:43:22 -0700
Organization: A noiseless patient Spider
Lines: 85
Message-ID: <ustdn0$176f7$1@dont-email.me>
References: <7qujui58fjds1isls4ohpcnp5d7dt20ggk@4ax.com>
 <6lekuihu1heui4th3ogtnqk9ph8msobmj3@4ax.com> <usec35$130bu$1@solani.org>
 <u14quid1e74r81n0ajol0quthaumsd65md@4ax.com> <usjiog$15kaq$1@solani.org>
 <t7rrui5ohh07vlvn5vnl277eec6bmvo4p9@4ax.com> <usm6v6$17e2c$1@solani.org>
 <gabuui56k0fn9iovps09um30lhiqhvc61t@4ax.com> <usqjih$h74g$1@dont-email.me>
 <afq1viha37gjs37sprgfb30dfm0m1ok5jh@4ax.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 13 Mar 2024 23:43:29 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="11f1a6c097d5e8318048522ef22246c2";
	logging-data="1284583"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1854yPRlT1neBRu+0XuNl3Q"
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.2.2
Cancel-Lock: sha1:vrGrvyksdOQZawZGRGkdjv/5BB4=
In-Reply-To: <afq1viha37gjs37sprgfb30dfm0m1ok5jh@4ax.com>
Content-Language: en-US
Bytes: 5167

On 3/12/2024 5:08 PM, legg wrote:
>>>>> Ideally, if they can't access the top level, a direct address
>>>>> access to the files might be prevented?
>>>
>>> Using barebones (Netscape) Seamonkey Compser, the Oodlestech
>>> script generates a web page with a 4-figure manually-entered
>>> human test.
>>>
>>> How do I get a correct response to open the protected web page?
>>
>> Why not visit a page that uses it and inspect the source?
> 
> I'm afraid to find out. If it's google product . . . .

I think there are a variety of "similar" mechanisms offered.
You can also "roll your own" just by adding a stumbling
block that ties access to something beyond just having the served
page (e.g., delay the activation of links for a short period
of time after the page is served so the "client" has to
delay clicking on them)

Or, generating a psuedo-random number and requiring the
client to enter it -- or combinations thereof:
"Please enter this numeric value:  six four three"
as a bot likely won't know that you have made such a request
of the client.

>>>> What I am doing now is using a html://mywebsite/pub/ directory
>>>> with lots of files in it that I want to publish in for example this newsgroup,
>>>> I then just post a direct link to that file.
>>>> So it has no index file and no links to it from the main site.
>>>> It has many sub directories too.
>>>> https://panteltje.nl/pub/GPS_to_USB_module_component_site_IXIMG_1360.JPG
>>>> https://panteltje.nl/pub/pwfax-0.1/README
>>>>
>>>> So you need the exact link to access anything
>>>> fine for publishing here...
>>> <snip>
>>>
>>> The top (~index) web page of my site has lists of direct links
>>> to subdirectories, for double-click download by user.
>>
>> You could omit the actual links and just leave the TEXT for a link
>> present (i.e., highlight text, copy, paste into address bar) to
>> see if the "clients" are exploring all of your *links* or are
>> actually parsing the *text*.
> 
> After the chinese IPs were blocked, there was not much more
> I could learn by fiddling about. My ISP had to reset the auto
> suspension and up the limit with each (failed) iteration.
> The current block is considered as dusting of the hands.
> Case closed.

Well, you should be thankful they were at least THAT cooperative.

>>> Somebody, please tell me the the 'Internet Archive' is NOT owned
>>> by Google?
>>>
>>> Some off-site links for large image-bound mfr-logo-ident web pages
>>> (c/o geek@scorpiorising) seem already to have introduced a
>>> captcha-type routine. Wouldn't need many bot hits to bump that
>>> location into a data limit. Those pages take a long time
>>> simply to load.
>>
>> There is an art to designing all forms of documentation
>> (web pages just being one).  Too abridged and folks spend forever
>> chasing links (even if it's as easy as "NEXT").  Too verbose and
>> the page takes a long time to load.
> 
> The problem with mfr logo ident is the raw volume of tiny images.
> Don't recall if an epub version was made - I think, if anything,
> that attempt just made a bigger file . . . .
> Slow as it is - it's already split up alpha numerically into six
> sections . . . .

(Without having seen them...)  Can you create a PNG of a group
of them arranged in a matrix.  Then, a map that allows clicking
on any *part* of the composite image to provide a more detailed
"popup" to inspect?

I.e., each individual image is a trip back to the server to
fetch that image.  A single composite could reduce that to
one fetch with other actions conditional on whether or not
the user wants "more/finer detail"