You mean for the referer part? Of course you don’t want it for all urls and there’s some legitimate cases. I have that on specific urls where it’s highly unlikely, not every url. E.g. a direct link to a single comment in lemmy, plus whitelisting logged-in users. Plus a limit, like >3 times an hour before a ban.
It’s a pretty consistent bot pattern, they will go to some subsubpage with no referer with no prior traffic from that it, and then no other traffic from that ip after that for a bit (since they cycle though ip’s on each request) but you will get a ton of these requests across all ips they use. It was one of the most common patterns i saw when i followed the logs for a while.
JustTesting@lemmy.hogru.ch 2 weeks ago
You mean for the referer part? Of course you don’t want it for all urls and there’s some legitimate cases. I have that on specific urls where it’s highly unlikely, not every url. E.g. a direct link to a single comment in lemmy, plus whitelisting logged-in users. Plus a limit, like >3 times an hour before a ban.
It’s a pretty consistent bot pattern, they will go to some subsubpage with no referer with no prior traffic from that it, and then no other traffic from that ip after that for a bit (since they cycle though ip’s on each request) but you will get a ton of these requests across all ips they use. It was one of the most common patterns i saw when i followed the logs for a while.