I have placed some code on my website for bot protection (i.e. if there are too many pageviews I disallow them) to save on my daily hits and have some protection
How do I adequately stop someone from accessing my site (and having a pageview) through automated code? (I already know about ip block)
Even if you have scripts which block access when you detect a spammer, any script which hits any file on your account will be counted as a hit. So the blocked requests from the spammer would still be counted as a hit.
We do have our own bot protection system which stops a lot of spammers already which doesn’t count against your hits limit. However, it’s not possible to prevent people from generating hits using any script on your website.
The only way you could reduce your hits usage is by using things like browser cache and combining assets. If a page includes 5 CSS files and 8 Javascript files, that’s 13 hits. If you combine them to one CSS file and one Javascript file, it’s only 2 hits. If you then use .htaccess rules to force browsers to cache the files, the browsers of your visitors won’t download the files on every request, also reducing hits usage.
actually that person bypassed the AES protection.
Also AES just disappeared when i enabled cloudflare security, but cloudflare didn’t stop that person anyway
do php include take hits?
is there some sort of api i can use to quickly block a person by ip as i would from cpannel and that could maybe stop the site from getting bot hits.
@kitokun10 said:
actually that person bypassed the AES protection.
Also AES just disappeared when i enabled cloudflare security, but cloudflare didn’t stop that person anyway
do php include take hits?
is there some sort of api i can use to quickly block a person by ip as i would from cpannel and that could maybe stop the site from getting bot hits.
Admin-san is there no way then?
@kitokun10 said:
actually that person bypassed the AES protection.
Also AES just disappeared when i enabled cloudflare security, but cloudflare didn’t stop that person anyway
do php include take hits?
is there some sort of api i can use to quickly block a person by ip as i would from cpannel and that could maybe stop the site from getting bot hits.
Browsers which support Javascript and cookies can go through the protection, so any real user can realistically access your website.
A hit is a request to a file on your website. A request to a script is one hit, no matter how many files are included in the script itself.
Blocking visitors by IP address is quite easy. A very minimalistic example could look like this:
<?php
$blockedIps = [
'12.34.56.78',
'78.56.34.12',
];
if (in_array($_SERVER['REMOTE_ADDR'], $blockedIps)) {
die('forbidden');
}
// the rest of your website.
If you’re using an existing script or CMS, the script or a plugin for that script may offer the functionality you need instead.
Alternatively, you could use the IP Blocker tool in your control panel.
So technically there’s no way to stop someone from getting hits…I wish infinity free had a bandwidth system that way I could deny bots more easily.
does a page with files included with php increase number of hits?
@kitokun10 said:
So technically there’s no way to stop someone from getting hits…I wish infinity free had a bandwidth system that way I could deny bots more easily.
While I understand why you’d want that, it would defeat the purpose of the hits counter from our perspective. We care about how much load you put on the servers and if your website is getting hammered by bots, that’s just as bad for our servers as having many visitors.
@kitokun10 said:
does a page with files included with php increase number of hits?
A hit is a request to a file or page on your website. A request to a script is one hit, no matter how many files are included in the script.