Comment by Bender
8 days ago
I was able to block them on my silly hobby domains. Most of them were already blocked to begin with from blocking other shenanigans over the years. Even something as simple as blocking anyone that does not support HTTP/2.0 takes out most bots. Adding basic-auth also stops most of what gets through. Blocking TCP-SYN with strange MSS values cuts out many before they can even touch the web daemon.
No comments yet
Contribute on Hacker News ↗