@[email protected] to [email protected]English • 15 hours agoCloudflare plans marketplace to sell permission to scrape websitestechcrunch.commessage-square11fedilinkarrow-up1134cross-posted to: [email protected]
arrow-up1134external-linkCloudflare plans marketplace to sell permission to scrape websitestechcrunch.com@[email protected] to [email protected]English • 15 hours agomessage-square11fedilinkcross-posted to: [email protected]
minus-squareRikudou_SagelinkfedilinkEnglish20•15 hours agoPut a page on your website saying that scrapping your website costs [insert amount] and block the bots otherwise.
minus-square@[email protected]linkfedilinkEnglish8•12 hours agoThe hard part is reliably detecting the bots
minus-squaremelroylinkfedilink4•10 hours agoAlso you don’t want to block legit search engines that are not scraping your data for AI.
minus-square@[email protected]linkfedilinkEnglish4•10 hours agoAgain: hard to differentiate all those different bots, because you have to trust that they are what they say they are, and they often are not
minus-squaremelroylinkfedilink3•9 hours agoInstead of blocking bots on user agent… I’m blocking full IP ranges: https://gitlab.melroy.org/-/snippets/619
minus-square@[email protected]linkfedilinkEnglish1•edit-26 hours agoIt certainly can be a cat and mouse game, but scraping at scale tends to be ahead of the curve of the security teams. Some examples: https://brightdata.com/ https://oxylabs.io/ Preventing access by requiring an account, with strict access rules can curb the vast majority of scraping, then your only bad actors are the rich venture capitalists.
How can I do this without Cloudflare?
Put a page on your website saying that scrapping your website costs [insert amount] and block the bots otherwise.
The hard part is reliably detecting the bots
Also you don’t want to block legit search engines that are not scraping your data for AI.
Again: hard to differentiate all those different bots, because you have to trust that they are what they say they are, and they often are not
Instead of blocking bots on user agent… I’m blocking full IP ranges: https://gitlab.melroy.org/-/snippets/619
It certainly can be a cat and mouse game, but scraping at scale tends to be ahead of the curve of the security teams. Some examples:
https://brightdata.com/
https://oxylabs.io/
Preventing access by requiring an account, with strict access rules can curb the vast majority of scraping, then your only bad actors are the rich venture capitalists.