To protect against the constant parsing of the web project we want to implement a fairly simple scheme (completely get rid of this is impossible- we know, but it is not necessary, the main thing is to complicate this task as much as possible):
Show captcha to all users who have made more than 10 requests to the server, for example, per 1 second. If the user unraveled the captcha and again violated the rules, then ban them, first time for 1 minute, then for an hour, etc.
But there is one very important aspect: Do Not ban search bots.
Tried Cloudflare, but they do not allow to show captcha, they only have an option of ban bad users. Other cloud firewalls do not give a clear description of such details on their sites, so if anyone knows what services will help to solve this problem, please share.
Or maybe there are some other ways for solving such problems?
Aucun commentaire:
Enregistrer un commentaire