Re: Stopping webcrawlers.

To: debian-user@lists.debian.org
Subject: Re: Stopping webcrawlers.
From: john doe <johndoe65534@mail.com>
Date: Sun, 3 Nov 2019 18:48:36 +0100
Message-id: <[🔎] 0ad4bf7d-e34c-5824-b3d8-d40070fa6a1c@mail.com>
In-reply-to: <[🔎] 201911031236.07668.gheskett@shentel.net>
References: <[🔎] 201911031004.46626.gheskett@shentel.net> <[🔎] 201911031132.38865.gheskett@shentel.net> <[🔎] 6e37eb60-d5cf-0849-09e8-6ec5a2bd17db@mail.com> <[🔎] 201911031236.07668.gheskett@shentel.net>

On 11/3/2019 6:36 PM, Gene Heskett wrote:
> On Sunday 03 November 2019 12:11:16 john doe wrote:
>
>> On 11/3/2019 5:32 PM, Gene Heskett wrote:
>>> On Sunday 03 November 2019 10:34:09 john doe wrote:
>>>> On 11/3/2019 4:04 PM, Gene Heskett wrote:
>>>>> Greetings all
>>>>>
>>>>> I am developing a list of broken webcrawlers who are repeatedly
>>>>> downloading my entire web site including the hidden stuff.
>>>>>
>>>>> These crawlers/bots are ignoring my robots.txt files and aren't
>>>>> just indexing the site, but are downloading every single bit of
>>>>> every file there.
>>>>>
>>>>> This is burning up my upload bandwidth and constitutes a DDOS when
>>>>> 4 or 5 bots all go into this pull it all mode at the same time.
>>>>>
>>>>> How do I best deal with these poorly written bots? I can target
>>>>> the individual address of course, but have chosen to block the
>>>>> /24, but that seems not to bother them for more than 30 minutes.
>>>>> Its also a too broad brush, blocking legit addresses access.
>>>>> Restarting apache2 also work, for half an hour or so, but I may be
>>>>> interrupting a legit request for a realtime kernel whose built
>>>>> tree is around 2.7GB in tgz format
>>>>>
>>>>> How do I get their attention to stop the DDOS?  Or is this a war
>>>>> you cannot win?
>>>>
>>>> 'fail2ban' for the bots that does not respect robot.txt.
>>>
>>> Wasn't installed by this stretch version.  Is now, reading man
>>> page's. Frankly this looks dangerous when attempted to be run as
>>> beginning users. There ought to be a startup tutorial based on
>>> setting up the logging, then specifying who you want blocked from
>>> reading the logs.  Is there a formal tut of setting this up
>>> someplace?
>>
>> Those are more hints then an howto:
>>
>> https://askubuntu.com/questions/1116001/block-badbot-with-fail2ban-via
>> -user-agents-in-access-log
>> https://www.booleanworld.com/blocking-bad-bots-fail2ban/
>>
>> Or with Iptables:
>> https://blog.nintechnet.com/how-to-block-w00tw00t-at-isc-sans-dfind-an
>> d-other-web-vulnerability-scanners/
>> https://javapipe.com/blog/iptables-ddos-protection/
>>
>>
>> I guess I would impliment both approaches.
>>
>>
>> Does your website realy need to be available to the world?
>> Can't you consider an VPS with anti-DDoS capability?
>>
> Wouldn't have the foggiest how to set that up.  And/or setting up a
> login/password.  What I have there is of very little interest to folks
> not running an rpi3b or rpi4b, or a trs-80 Color Computer.
>
> What advantage would the vps offer? And likely not have time to setup as
> I'm scheduled for a new aortic valve to be installed Tuesday. Mine is 85
> yo and about wore out. Pumping efficiency is about 30% due to leakage.

I was talking about a paid solution like (1).

If you need to have some files accessible to the world, can't you use
google drive or alike solution

Basically, you only care about publishing the file you want to share and
not about the rest! :)

1)  https://www.ovh.com/world/anti-ddos/


--
John Doe

Reply to:

References:
- Stopping webcrawlers.
  - From: Gene Heskett <gheskett@shentel.net>
- Re: Stopping webcrawlers.
  - From: Gene Heskett <gheskett@shentel.net>
- Re: Stopping webcrawlers.
  - From: john doe <johndoe65534@mail.com>
- Re: Stopping webcrawlers.
  - From: Gene Heskett <gheskett@shentel.net>

Prev by Date: Re: Stopping webcrawlers.
Next by Date: Re: Stopping webcrawlers.
Previous by thread: Re: Stopping webcrawlers.
Next by thread: Re: Stopping webcrawlers.
Index(es):
- Date
- Thread