The best way of defending would be whitelisting of course, but that's kind of hard to do for user agents.
Blocking IP's is not a very sustainable solutio; adversaries just jump to a different host in their botnet which changes the request' source address and makes IP blocks useless. 2016-03-01 19:47 GMT+01:00 Jacob Anderson <[email protected]>: > You could just take the draconian route and block the bot's IP addresses > using ipfw or iptables. That way you don't even take up resources in pound. > Just dump them at the gate... > > -----Original Message----- > From: Mike Slinn [mailto:[email protected]] > Sent: Tuesday, March 1, 2016 10:14 AM > To: [email protected] > Subject: Re: [Pound Mailing List] Blocking spambots > > robots.txt is only honored by the good guys. For bad guys, robots.txt > provides a list of places that they know you don't want them to look at. > Also, if pound blocks the bad guys, the web server won't have to handle > those requests, which can present a significant load. > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions.
