PerlMonks  

Re: Anonymous Google Chrome browsers now under additional scrutiny

by cavac (Prior)
on May 05, 2025 at 14:01 UTC ( [id://11164940] )


in reply to Anonymous Google Chrome browsers now under additional scrutiny

I have the same problem on my own sites. I've added a blackhole that seems to, at least partially, mitigate the problem.

  1. Added an entry in my robots.txt:
    User-agent: *
    Disallow: /secret/bla.php
  2. Added a hidden link to the main page to an inbetween page that is never visibly linked anywhere. This mainly prevents that annoying pre-loading in Chrome from triggering anything.
  3. The inbetween page links to /secret/bla.php
  4. All IPs of clients navigating to /secret/bla.php get firewalled.

It's not perfect, but I was able to reduce bot traffic (no matter what UserAgent was set) by roughly 50%-80%. It's only a temporary win in the war against China and the Silicon Valley crowd, of course. But every little bit helps.

PerlMonks XP is useless? Not anymore: XPD - Do more with your PerlMonks XP
Also check out my sisters artwork and my weekly webcomics
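
The last step of the trap described in the post above (firewalling every client that requests the disallowed URL), sketched as an added example that is not cavac's code or part of the original post. It assumes a common/combined-format access log; the in-between page name `/inbetween.html`, the allowlist entry and all sample addresses are constructed, and the DROP rules are only rendered as text.

```python
import ipaddress
import re
from urllib.parse import urlsplit

TRAP_PATH = "/secret/bla.php"  # trap URL named in the post's robots.txt
ALLOWLIST = {ipaddress.ip_address("192.0.2.10")}  # constructed: the admin's own address

# Common/combined log format: client ident user [time] "METHOD target PROTO" ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*"')

def trap_hits(lines, trap_path=TRAP_PATH, allowlist=ALLOWLIST):
    """Return the sorted, de-duplicated client IPs that requested the trap path."""
    hits = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line
        client, _method, target = m.groups()
        try:
            ip = ipaddress.ip_address(client)
        except ValueError:
            continue  # not an IP literal: never hand it to the firewall
        # Compare the path only, so a query string does not slip past the trap.
        if urlsplit(target).path == trap_path and ip not in allowlist:
            hits.add(ip)
    return sorted(hits, key=lambda ip: (ip.version, int(ip)))

def drop_rules(ips):
    """Render one DROP rule per address (iptables for IPv4, ip6tables for IPv6)."""
    return [
        f"{'iptables' if ip.version == 4 else 'ip6tables'} -A INPUT -s {ip} -j DROP"
        for ip in ips
    ]

# Constructed sample log; addresses come from the documentation ranges.
T = "[05/May/2025:14:01:00 +0000]"
SAMPLE_LOG = [
    f'203.0.113.7 - - {T} "GET / HTTP/1.1" 200 5120',
    f'203.0.113.7 - - {T} "GET /inbetween.html HTTP/1.1" 200 310',  # prefetch only
    f'198.51.100.23 - - {T} "GET /secret/bla.php HTTP/1.1" 200 12',
    f'198.51.100.23 - - {T} "GET /secret/bla.php HTTP/1.1" 200 12',  # repeat hit
    f'2001:db8::5 - - {T} "GET /secret/bla.php?page=2 HTTP/1.1" 200 12',
    f'192.0.2.10 - - {T} "GET /secret/bla.php HTTP/1.1" 200 12',  # allowlisted
    'not a log line',
]

if __name__ == "__main__":
    for rule in drop_rules(trap_hits(SAMPLE_LOG)):
        print(rule)
```

The client that only fetched the in-between page is left alone, which is the point of step 2: a browser pre-load of the hidden link never reaches the trap URL itself.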

Replies are listed 'Best First'.
Re^2: Anonymous Google Chrome browsers now under additional scrutiny
by LanX (Saint) on May 05, 2025 at 23:01 UTC
    Well yes, a node behind the honeypot could automatically block the IP.

    But probably it's better to redirect blacklisted IPs to some static and link-wise shallow fake content to feed them a little. ¹

    Otherwise HTTP-Errors are easily detected, so someone might be triggered to improve the attack.

    From my understanding they are using IP-farms to attack us and share the harvested links among them for the next requests. Like that we might trap far more IPs in our "honeyfarm".

    Cheers Rolf
    (addicted to the Perl Programming Language :)
    see Wikisyntax for the Monastery

    ¹) like a wget-mirror of the last week in a dedicated node-id range, there is a huge unused gap there, which we could reuse.

      Hmm, for some (other) attacks on my server, my backend actually grabs the WHOIS information and tries to extract the network range, which then gets iptabled.

      Of course, for my private server I can be a lot more aggressive in blocking large swathes of the internet.

      PerlMonks XP is useless? Not anymore: XPD - Do more with your PerlMonks XP
      Also check out my sisters artwork and my weekly webcomics
Re^2: Anonymous Google Chrome browsers now under additional scrutiny
by harangzsolt33 (Deacon) on May 07, 2025 at 01:32 UTC
    Wow, that's really clever! :)

      Wasn't my idea. Found the basics on some forum (can't remember which) and then just iterated over the idea. There are some other "blackhole" URIs as well, mostly stuff checked by bots searching for vulnerabilities. You know, WordPress config pages and such...

      PerlMonks XP is useless? Not anymore: XPD - Do more with your PerlMonks XP
      Also check out my sisters artwork and my weekly webcomics
