Bots are currently scraping the internet for LLM training data at unprecedented rates[1][2][3], driving up costs and destabilizing public-facing websites. I want to talk about how this has been particularly difficult for wikis, and has gotten much worse in the last few months.
Yeah hosting just about anything is terrible these days. These AI scrapers just can’t act normally, there was nothing wrong with the way GoogleBot and Bing Bot work. They scrape the website, respect robots.txt and nofollow, they rate limit themselves as to not overload the servers. It was just fine.
These days with those AI scrapers they go absolutely ape shit, they issue dozens of requests every second, try to scrape anything and everything. Going so far as to make up urls, just to see if they get lucky. My blocklist is huge and I need to keep updating it all the time. And every now and again one slips through and absolutely slams the server. This causes an alert and I need to act right away. It’s fucking terrible.
AI is already shit, why do those companies go out of their way to be even more shit?
Do you have links or tutorials that would help to deal with these issues?
Yes, I use this block list as well as my own additions (mostly IPs of misbehaving bots):
https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker
It’s specifically for Apache, but that’s what I use. There are more of these kinds of lists available.
Can you automatically block any user with an unusually high rate of requests?
You could, but it’s tricky to get right I feel. Most small websites use a form of bot detection for visitors to manage this. This might be a service like Cloudflare or an open source thing like Anubis for example.
There’s different ways to tackle this and it sucks we are forced into putting time and effort to deal with it.
There’s a clever trick from Cloudflare:
https://blog.cloudflare.com/ai-labyrinth/