Ddos protection. We’ve been dealing with some very aggressive crawlers/bots[1] in the last few hours, and this is the lowest collateral damage option we were able to come up with for handling that (for now).
I would have turned it off by now, but every 30 minutes we are still getting a burst of like 3000 requests in a 2 minute interval to random ?commentId= pages (which then trigger captchas). So my guess is the bots would come back in full force if we deactivate the captchas on those.
We can’t, or at least not easily. AWS serves the captcha before any of our servers ever see the request (which like, is good, because the whole point is that our servers are otherwise overloaded).
There might be a way to add some custom HTML or styling, though I haven’t found it.
What the hell?
Ddos protection. We’ve been dealing with some very aggressive crawlers/bots[1] in the last few hours, and this is the lowest collateral damage option we were able to come up with for handling that (for now).
I would have turned it off by now, but every 30 minutes we are still getting a burst of like 3000 requests in a 2 minute interval to random
?commentId=pages (which then trigger captchas). So my guess is the bots would come back in full force if we deactivate the captchas on those.Different IPs on each requests, changing user agents, randomly varied traffic patterns, the quite annoying kind
Perhaps we want to add a note on the side explaining this, so that most LW users are less confused (relative to this standard corporate text).
We can’t, or at least not easily. AWS serves the captcha before any of our servers ever see the request (which like, is good, because the whole point is that our servers are otherwise overloaded).
There might be a way to add some custom HTML or styling, though I haven’t found it.