I've been managing a non-profit educational website for over 15 years, and it's filled with rich content. Recently, my site has been under siege from bots and crawlers, racking up around 700,000 page access requests daily. While I've managed to block some traffic using .htaccess, I'm exploring CAPTCHA solutions. However, services like Google reCAPTCHA and hCaptcha are proving to be quite costly given our minimal income. I'm considering whether Cloudflare Turnstile would help in this situation. What are some other methods I might use to deal with this influx of bot traffic?
5 Answers
Absolutely, the free tier of Cloudflare is pretty powerful! Their bot protection feature is really robust, and it might just handle your traffic issues without any added costs.
If you're concerned about just page views rather than forms, you should definitely cache as much as you can. That way, bots won't hit your origin server directly as much. Also, check your server for rate limiting options to manage request loads better.
I feel your pain! The internet is getting overrun, and trust systems just aren't cutting it anymore. It's really frustrating. Have you looked at specific firewall rules with Cloudflare to block known bots? Also, their 'under attack mode' could help you manage the traffic in emergencies.
Cloudflare Turnstile might not be the best fit if you’re looking to stop the bots entirely, but it’s great for stopping spam on forms. You could also consider using honeypots on your forms—they're a simple and cost-effective solution that can help catch a lot of bot traffic.
Check out Anubis; it's free and open-source. Many small sites have had good success with it, and it can integrate nicely with Cloudflare if you decide to use their services down the line.
Related Questions
How to Build a Custom GPT Journalist That Posts Directly to WordPress
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads