Wouldn't it be better, if there's an easy way, to just feed such bots shit data ...

sotspecatcle · 2025-08-25T07:36:45 1756107405

    if ($http_user_agent ~* "BadBot") {
        limit_rate 1k;
        default_type application/octet-stream;
        proxy_buffering off;
        alias /dev/zero;
        return 200;
    }

Avamander · 2025-08-26T12:02:26 1756209746

I recommend you use gzip_static and serve a zip-bomb instead. Frees up the connection sooner and probably causes bad crawlers to exhaust their resources.

internet_points · 2025-08-25T07:56:46 1756108606

https://zadzmo.org/code/nepenthes/

throwawayffffas · 2025-08-25T07:31:55 1756107115

No serving shit data costs bandwidth and possibly compute time.

Blocking IPS is much cheaper for the blocker.

fuckaj · 2025-08-25T08:56:07 1756112167

Zip bomb?

aspenmayer · 2025-08-25T09:47:14 1756115234

Doesn’t that tie up a socket on the server similarly to how a keepalive would on the bot user end?

recursive · 2025-08-25T15:43:32 1756136612

I don't think so. The payload size of the bytes on the wire is small. This premise is all dependent on the .zip being crawled synchronously by the same thread/job making the request.

aspenmayer · 2025-08-26T13:00:26 1756213226

What if bots catch on to zip bombs, and just download them really slowly?

https://en.wikipedia.org/wiki/Zeno%27s_paradoxes#Dichotomy_p...

throwawayffffas · 2025-08-28T23:37:51 1756424271

Their objective is not to DDOS websites, if they catch on, they will download it fast and then discard it.