Path: ...!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Peter Newsgroups: sci.electronics.design Subject: Re: Chinese downloads overloading my website Date: Tue, 12 Mar 2024 12:54:06 +0000 Organization: A noiseless patient Spider Lines: 15 Message-ID: References: <7qujui58fjds1isls4ohpcnp5d7dt20ggk@4ax.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Injection-Date: Tue, 12 Mar 2024 12:54:04 -0000 (UTC) Injection-Info: dont-email.me; posting-host="fb0768b4dc6b4d54882291ff97dde24f"; logging-data="296686"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18PdNNTw5Zr2gs0jR4q/2He" Cancel-Lock: sha1:71TEnejtgYjkojiiO/OBJzoXerA= X-Newsreader: Forte Agent 3.3/32.846 X-No-Archive: yes Bytes: 1693 IME, the hidden google re-captcha works brilliantly against bots. Presumably by examining the timing. Set the threshold to 0.6 and off you go. I run a fairly busy tech forum. Another approach is to put your site behind Cloudflare. For hobby / noncommercial sites this is free. And you get handy stuff like - https certificate is done for you - you can block up to 5 countries (I blocked Russia China and India) Ideally you should firewall your server to accept web traffic only from the set of CF IPs, but in practice this is not necessary unless somebody is out to get you (there are websites which carry IP history for a given domain, believe it or not!!!)