| Deutsch English Français Italiano |
|
<kmduuilbvdjssqjda1i21d9b08vrk4t86j@4ax.com> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!feeds.phibee-telecom.net!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: legg <legg@nospam.magma.ca> Newsgroups: sci.electronics.design Subject: Re: Chinese downloads overloading my website Date: Mon, 11 Mar 2024 12:57:20 -0400 Organization: A noiseless patient Spider Lines: 43 Message-ID: <kmduuilbvdjssqjda1i21d9b08vrk4t86j@4ax.com> References: <7qujui58fjds1isls4ohpcnp5d7dt20ggk@4ax.com> <6lekuihu1heui4th3ogtnqk9ph8msobmj3@4ax.com> <usec35$130bu$1@solani.org> <u14quid1e74r81n0ajol0quthaumsd65md@4ax.com> <usjiog$15kaq$1@solani.org> <t7rrui5ohh07vlvn5vnl277eec6bmvo4p9@4ax.com> <usm6v6$17e2c$1@solani.org> <usm96m$3fkqg$1@dont-email.me> <usmkb9$17l2r$1@solani.org> <du5uuih5e5d4ugd7ru8oo0gb6ppenjrtdd@4ax.com> <usn5j7$3lod7$1@dont-email.me> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Injection-Info: dont-email.me; posting-host="4bf5ccac6bd891d8f3c037dd4188dedd"; logging-data="3918065"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18YlHNt8TcULWYfdyNyO2r7" Cancel-Lock: sha1:LmcAfLpMcqvjgkOpp4fvA1+gfTg= X-Newsreader: Forte Agent 4.2/32.1118 Bytes: 2898 On Mon, 11 Mar 2024 07:48:04 -0700, Don Y <blockedofcourse@foo.invalid> wrote: >On 3/11/2024 7:40 AM, legg wrote: >> Blocking a single IP hasn't worked for my ISP. > >It won't. Even novice users can move to a different IP using reeadily >available mechanisms. > >Whitelisting can work (which is the approach that I use) but >it assumes you know who you *want* to access your site. > >(It's a lot harder to guess a permitted IP than it is to avoid >an obviously BLOCKED one!) > >> Each identical 17G download block (262 visits)was by a new IP >> in a completely different location/region. >> >> Beijing, Hearbin, Henan, a mobile and a fifth, so far untraced >> due to suspension of my site. > >There's a reason things like "captcha" exist. > >Note that this still doesn't prevent the *page(s)* from being repeatedly >accessed. But, presumably, their size is considerably smaller than >that of the payloads you want to protect. > >OTOH, if someone wants to shut down your account due to an exceeded >quota, they can keep reloading those pages until they've eaten up your >traffic quota. And, "they" can be an automated process! > >[Operating a server in stealth mode can avoid this. But, then >you're not "open to the public"! :> ] Doing some simple experiments by temporarily renaming/replacing some of the larger files being tageted, just to see how the bot reacts to the new environment. If they find renamed files it means something. If visits to get the same 17G alter it means something else. This all at the expense and patience of my ISP. Thumbs up there. RL