>>(c) What the hell are they doing? Some will search for copyrighted images and, if they find some, they will send you some lawyer letter with a bill of 1500$ or so for using their image. (ie: Getty images,...) Most of them are simply looking for email addresses they could collect and sell to spamers.
>>The current offending IP reverses to China. From China, it could also be gouvernement spider check if your site is promoting human rights, and if yes, I've got bad new, your site will be BANNED form china ! ;-) PLUS email fetchers, of course. >>o Add a session variable that stores the last page view time down to the second. However, this may not work as the offending behavior is probably generated by a bot or desktop app that doesn't store session variables. Exact. Better store the IP address in an application (or even a server variable) and calculate a moving average of time between requests to pages. If the average gets lower than a certain minimum, ban the IP address for at least a couple or hours. The bot will be discaouraged. >>o Review my databased logs for the current IP's last twenty page views. This may put an extra small hit on the server, but over all not as much as an extra 2200 page views in an hour every couple of weeks. This can be a pretty heavy task for the server. Log files are pretty big files. >>If the requesting IP has requested more than twenty pages from the website in the current minute, I block the IP for a period of time, say, an hour or two. This is what I do, but I use a moving average in a server variable. Much more efficient than reading log files. ie: server.structPass[REMOTE_ADDR].durpass =server.structPass[REMOTE_ADDR].durpass*6/7 + thisLaps; In thisLaps I have the nb of seconds between last and current request. The formula gives a moving average over 7 consecutive requests. If this average goes below a certain amount, there are chances the agent is a bot. I use this test among others to detect bad bots. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:327289 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
