@[email protected] to [email protected]English • 2 months agoCloudflare plans marketplace to sell permission to scrape websitestechcrunch.commessage-square14fedilinkarrow-up1156cross-posted to: [email protected][email protected]
arrow-up1156external-linkCloudflare plans marketplace to sell permission to scrape websitestechcrunch.com@[email protected] to [email protected]English • 2 months agomessage-square14fedilinkcross-posted to: [email protected][email protected]
minus-squareRikudou_SagelinkfedilinkEnglish20•2 months agoPut a page on your website saying that scrapping your website costs [insert amount] and block the bots otherwise.
minus-square@[email protected]linkfedilinkEnglish14•2 months agoThe hard part is reliably detecting the bots
minus-squaremelroylinkfedilink5•2 months agoAlso you don’t want to block legit search engines that are not scraping your data for AI.
minus-square@[email protected]linkfedilinkEnglish6•2 months agoAgain: hard to differentiate all those different bots, because you have to trust that they are what they say they are, and they often are not
minus-squaremelroylinkfedilink5•2 months agoInstead of blocking bots on user agent… I’m blocking full IP ranges: https://gitlab.melroy.org/-/snippets/619
minus-square@[email protected]linkfedilinkEnglish4•edit-22 months agoIt certainly can be a cat and mouse game, but scraping at scale tends to be ahead of the curve of the security teams. Some examples: https://brightdata.com/ https://oxylabs.io/ Preventing access by requiring an account, with strict access rules can curb the vast majority of scraping, then your only bad actors are the rich venture capitalists.
How can I do this without Cloudflare?
Put a page on your website saying that scrapping your website costs [insert amount] and block the bots otherwise.
The hard part is reliably detecting the bots
Also you don’t want to block legit search engines that are not scraping your data for AI.
Again: hard to differentiate all those different bots, because you have to trust that they are what they say they are, and they often are not
Instead of blocking bots on user agent… I’m blocking full IP ranges: https://gitlab.melroy.org/-/snippets/619
It certainly can be a cat and mouse game, but scraping at scale tends to be ahead of the curve of the security teams. Some examples:
https://brightdata.com/
https://oxylabs.io/
Preventing access by requiring an account, with strict access rules can curb the vast majority of scraping, then your only bad actors are the rich venture capitalists.