How do you handle bad bots?

charlfields · March 25, 2024, 10:58pm

I am currently getting hammered by bad bots, I use a WordPress plugin bad bots pro on some of my websites but still having a hard time dealing with them. I would prefer something that is not PHP related, and it’s handled by the server directly. Some of my websites are full dynamic, so I am unable to use fastcgi cache. Also I am unable to use a security CDN, so what do you use on the server side?

Raphael · March 26, 2024, 5:44am

I would maybe start with the ipset blacklist and see, if you have less bot activity: Firewall | Hestia Control Panel

pluto · March 26, 2024, 9:04am

This might be a bit of overkill, but it works at the nginx level.

The install script doesn’t interfere with hestia config, but of course backup your /etc/nginx directory first.
Once installed globally you enable it for each site that needs it with a single config line. Or is it two. Anyway, not hard.

pluto · March 26, 2024, 9:05am

Simpler approach might be to have a rule like this and insert it where needed.

if ($http_user_agent ~* “SemrushBot|Semrush|AhrefsBot|MJ12bot|YandexBot|+++++add your own here++++|linkfluence.com|TweetmemeBot|LinkisBot”) { return 403; }

heart1010 · March 26, 2024, 10:48am

IPset blacklist and eventually have a look at 8G Firewall (Apache only until now, NGINX a little later - use 7G Firewall for NGINX until then)

bestperson · March 26, 2024, 8:41pm

Cloudflare is highly customizable and has fairly easy WAF rules.

johntk22 · March 27, 2024, 12:36am

To handle the bad bots at the server is to use the server side security tool like Fail2Ban. It can monitor the log files and for suspicious activity and automatically block the IP address for malicious behavior including those associated with bad bots.

jlguerrero · March 28, 2024, 10:49pm

I have 7G nginx installed serverwide. It is highly advisable.

jlguerrero · March 28, 2024, 10:51pm

Hi Pluto, does this work fine along with 7G Firewall?

For simplicity I am considering to put both to work.

pluto · March 29, 2024, 4:32am

I haven’t tried them together. I’d say use one or the other, as there is a lot of duplication between the two. 7g/8g is probably good enough for most uses, and pretty easy to troubleshoot when you activate the logging. I needed this recently when the 8G version I installed on a server started blocking all URLs with ‘login’ in them, which seemed like a bit of an oversight.
The bad bot scripts are more complicated, and introduce different levels of treatment, such as rate-limiting some bots and completely banning others, so if this is something that appeals to you, then maybe switch to that. But my feeling is that running both would be unncessarily complicating things.

system · April 28, 2024, 4:33am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.