Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

BOT/Spider Trap Ideas

Tags:

php

bots

zombie-process

web-crawler

robots.txt

I have a client whose domain seems to be getting hit pretty hard by what appears to be a DDoS. In the logs it's normal looking user agents with random IPs but they're flipping through pages too fast to be human. They also don't appear to be requesting any images. I can't seem to find any pattern and my suspicion is it's a fleet of Windows Zombies.

The clients had issues in the past with SPAM attacks--even had to point MX at Postini to get the 6.7 GB/day of junk to stop server-side.

I want to setup a BOT trap in a directory disallowed by robots.txt... just never attempted anything like this before, hoping someone out there has a creative ideas for trapping BOTs!

EDIT: I already have plenty of ideas for catching one.. it's what to do to it when lands in the trap.

like image 402
Mikey1980 Avatar asked Sep 29 '10 20:09

Mikey1980

3 Answers

You can set up a PHP script whose URL is explicitly forbidden by robots.txt. In that script, you can pull the source IP of the suspected bot hitting you (via $_SERVER['REMOTE_ADDR']), and then add that IP to a database blacklist table.

Then, in your main app, you can check the source IP, do a lookup for that IP in your blacklist table, and if you find it, throw a 403 page instead. (Perhaps with a message like, "We've detected abuse coming from your IP, if you feel this is in error, contact us at ...")

On the upside, you get automatic blacklisting of bad bots. On the downside, it's not terribly efficient, and it can be dangerous. (One person innocently checking that page out of curiosity can result in the ban of a large swath of users.)

Edit: Alternatively (or additionally, I suppose) you can fairly simply add a GeoIP check to your app, and reject hits based on country of origin.

like image 150
Alex Howansky Avatar answered Sep 29 '22 23:09

Alex Howansky

What you can do is get another box (a kind of sacrificial lamb) not on the same pipe as your main host then have that host a page which redirects to itself (but with a randomized page name in the url). this could get the bot stuck in a infinite loop tieing up the cpu and bandwith on your sacrificial lamb but not on your main box.

like image 39
Scott Chamberlain Avatar answered Sep 29 '22 22:09

Scott Chamberlain

I tend to think this is a problem better solved with network security more so than coding, but I see the logic in your approach/question.

There are a number of questions and discussions about this on server fault which may be worthy of investigating.

https://serverfault.com/search?q=block+bots

like image 39
Chris Adragna Avatar answered Sep 29 '22 23:09

Chris Adragna
Sign in to Comment

Related questions

When should I use print instead of echo in PHP?
Store GZIP:ed text in mysql?
Is it bad to throw exceptions to return server errors, eg. 404 Page Not Found?
Is it possible to make a PHP script run itself every hour or so without the use of a cronjob?
Disabling Xdebug's dumping of caught exceptions
2 different php request at same time per user
Add child to xml with PHP simpleXml
Creating Unique Key in MySQL table referring to date
How do I use a standalone class in cakephp 1.3?
File_get_contents not working?
How to get Users Email Id in Facebook application using PHP?
PHP - PDO return escaping slash, how to remove it?
How to use nginx with PHP?
to use thread safe or non thread safe php?
Magento - Programmatically reorder
Can a PHP callback accept its parameter(s) by reference?
Running a PHP script every 5 minutes and avoiding race conditions
UTF-8 not working in HTML forms
How to use a different server IP with PHP/cURL?
How to stream a media file using PHP?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!