tirreno (1) guy here.

Our open-source system can block IP addresses based on rules triggered by specific behavior.

Can you elaborate on what exact type of crawlers you would like to block? Like, a leaky bucket of a certain number of requests per minute?

1. https://github.com/tirrenotechnologies/tirreno

▲

reconnecting 10 hours ago | parent | next [-]

I believe there is a slight misunderstanding regarding the role of 'AI crawlers'.

Bad crawlers have been there since the very beginning. Some of them looking for known vulnerabilities, some scraping content for third-party services. Most of them have spoofed UAs to pretend to be legitimate bots.

This is approximately 30–50% of traffic on any website.

▲

notachatbot123 11 hours ago | parent | prev [-]

The article is about AI web crawlers. How can your tool help and how would one set it up for this specific context?

▲

reconnecting 11 hours ago | parent [-]

I don't see how an AI crawler is different from any others.

The simplest approach is to count the UA as risky or flag multiple 404 errors or HEAD requests, and block on that. Those are rules we already have out of the box.

It's open source, there's no pain in writing specific rules for rate limiting, thus my question.

Plus, we have developed a dashboard for manually choosing UA blocks based on name, but we're still not sure if this is something that would be really helpful for website operators.

	▲	Roark66 10 hours ago \| parent [-]
		>It's open source, there's no pain in writing specific rules for rate limiting, thus my question. Depends on the goal. Author wants his instance not to get killed. Request rate limiting may achieve that easily in a way transparent to normal users.