I believe that if something is publicly available, it shouldn't be overprotected in most cases.
However, there are many advanced cases, such as crawlers that collect data for platform impersonation (for scams) or custom phishing attacks, or account brute-force attacks. In those cases, I use tirreno to see traffic through different dimensions.
It depends. If you want to stop OAI-SearchBot/1.3, UA will be enough.
Why would you need tirreno if you just want to stop OAI's bot though?
OAI's is just an example that's easy to explain.
I believe that if something is publicly available, it shouldn't be overprotected in most cases.
However, there are many advanced cases, such as crawlers that collect data for platform impersonation (for scams) or custom phishing attacks, or account brute-force attacks. In those cases, I use tirreno to see traffic through different dimensions.