Just to stress the urgency for fixes to deal with these kind of botnets...
I have been trying to deal with these botnets for about 3 - 4 weeks now, nearly on a daily basis, with yesterday close to 700 GByte of traffic in a single day (!!!)
Had been away for almost all day, so I caught it only after many hours.
Lots and lots of botnets without any obvious user agent.
Not only are those trying to scrape data with those sid's, but also lots and lots trying to request to reset a password. This could in theory be about fetching pages with a link pointing to this, but I doubt it is this 'innocent'.
This is really unmanageble with the server load back to 100% if you only blink your eyes a few times too many.
Millions of page requests per day and typically 50 - 60 GByte/day in traffic for those bots which 'attack' the site with 4000 - 11000 at the same time.
I did start blocking complete /8 subnets, but when should you stop?
I already blocked IPs from Brazil, India, Indonesia, Vietnam and lots and lots of AI botnets. (Semrush botnet is especially brutally annoying)
This is complete madness and I really don't want to start using some service like Cloudflare is offering.
I have been trying to deal with these botnets for about 3 - 4 weeks now, nearly on a daily basis, with yesterday close to 700 GByte of traffic in a single day (!!!)
Had been away for almost all day, so I caught it only after many hours.
Lots and lots of botnets without any obvious user agent.
Not only are those trying to scrape data with those sid's, but also lots and lots trying to request to reset a password. This could in theory be about fetching pages with a link pointing to this, but I doubt it is this 'innocent'.
This is really unmanageble with the server load back to 100% if you only blink your eyes a few times too many.
Millions of page requests per day and typically 50 - 60 GByte/day in traffic for those bots which 'attack' the site with 4000 - 11000 at the same time.
I did start blocking complete /8 subnets, but when should you stop?
I already blocked IPs from Brazil, India, Indonesia, Vietnam and lots and lots of AI botnets. (Semrush botnet is especially brutally annoying)
This is complete madness and I really don't want to start using some service like Cloudflare is offering.
Statistics: Posted by TD-er — Sun Jun 08, 2025 9:27 pm