Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
#25 Today 16:33:21
Re: Txp human detection
skewray wrote #340620:
I would have to switch hosting services, which I don’t really want to do. My hosting service does have something similar. Second, I don’t think Cloudflare stops the bots in question.
You’d need to switch your name servers to Cloudflare, and then Cloudflare handles your DNS records. Assuming your domain registrar allows you to change name servers to Cloudflare, you’re golden – no change of hosting company needed.
The process is:
- Add domain to Cloudflare (no changes to existing DNS yet)
- Cloudflare detects existing DNS records, imports them into its system (no changes to existing DNS yet)
- Cloudflare tells you the 2x name servers for your domain (no changes to existing DNS yet)
- You switch your domain to use the Cloudflare name servers (this switches DNS to Cloudflare)
- You then start using Cloudflare for your DNS records stuff.
I can do a screencast example if you’d like to see how it’s done.
For those with Cloudflare, does it stop bots coming from an ISP that do a single access and never come back? Can you check your logs?
Cloudflare has all manner of checks for bots, even on the free tier. You get more granularity & services if you pay them, but the free tier is absolutely fine for a lot of people who don’t want to worry about most bots. It won’t stop proper search bots checking your site, so you’re unlikely to lose any SERPs ranking as a result.
I use Cloudflare for almost all my sites DNS since it’s reliably the fastest (or top 3) DNS resolver. I don’t personally use the protection side of things, but I know if / when I get trounced by whatever invasion, I can flip a switch and get a heap of stuff at my disposal.
And you can always switch your name servers back again, you’re not beholden to Cloudflare for anything going forward.
Offline
#26 Today 17:12:46
Re: Txp human detection
I set Cache-Control: no-cache,no-store,max-age=0 in both .htaccess and the php code. Very belt-and-suspenders. No change in behaviour; it still loads a cookie but refreshes to human.php content. Caching doesn’t seem to be the (only) issue.
Last edited by skewray (Today 17:13:08)
Online
#27 Today 17:20:44
Re: Txp human detection
Cloudflare: I checked; my hosting does not allow a change in DNS server. I guess I could ask them if they could make a special hole for me. They’ve done stuff like that before.
I am, however, slightly skeptical that Cloudflare will block the agents that are irritating me. I am trying to protect intellectual property from becoming LLM fodder; I think Cloudflare’s main intent is to prevent high server loads. Am I wrong here?
Online
#28 Today 17:29:44
Re: Txp human detection
I tried:
RewriteRule "^articles/.+" human.php?tt=%{TIME} [QSA,L,R=302]It still reloads human.php. Mysteries!
(I’ve only tested with Firefox. Could be that, but it should work in every browser anyway.)
Online
#29 Today 17:56:22
Re: Txp human detection
skewray wrote #340627:
Cloudflare: I checked; my hosting does not allow a change in DNS server. I guess I could ask them if they could make a special hole for me. They’ve done stuff like that before.
May I ask which domain(s) is / are affected? It’s a domain registrar thing rather than a hosting thing, and I can’t recall ever seeing a domain registrar locking down name servers so they can’t be changed.
(Room read: I’m aiming for ‘helpful’ not ‘pedantic’.)
I am, however, slightly skeptical that Cloudflare will block the agents that are irritating me. I am trying to protect intellectual property from becoming LLM fodder; I think Cloudflare’s main intent is to prevent high server loads. Am I wrong here?
There’s nothing stopping you going belt + braces with Cloudflare + your own server-side efforts. It’s possible there’s more to the bot traffic that’s outside the scope of the logs, and it’s possible that it’s not just you being affected by it…so it’s possible Cloudflare have something in place to stop some / most / all of it already. For the sake of a name server switch to Cloudflare for 24 hours or so for an A / B check on your traffic, I’d consider doing it. Factor in your time and defensive measures already in place, and it might pay off.
…and worst case scenario, just flip your name servers back, and you’re out of Cloudflare. Done.
Offline
#30 Today 18:32:25
Re: Txp human detection
Since I only tinker with DNS records once a decade, all knowledge drains out of my brainpan. Previously I was looking at the DNS records at my hosting provider, which, in fact, does not hold my DNS records. My DNS records at my email provider have an “A” record that points to an IP address at my hosting provider. Cool. I assume that I tell Cloudflare about that IP address, so that my website doesn’t become unmoored from the universe. I may try this at some point.
Online