Project idea:
1. robots.txt blocking bot access to certain locations on your site
2. nginx config that tarpits bots on URLs that they are not supposed to visit
3. some stats on how many resources bots have already wasted while being tarpitted.
Perhaps also:
2.1 while tarpitting, trickle out, byte by byte, something inane or otherwise poisoning the well (rough sketch below).
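A minimal sketch of how 1–3 could fit together, assuming the trap lives under /trap/ and gets its own access log (the paths are placeholders, not a finished setup):

# robots.txt — compliant crawlers stay away; anything that still walks into /trap/ ignored this
User-agent: *
Disallow: /trap/

# nginx — anything under /trap/ gets throttled to roughly one byte per second,
# and the separate access log is the raw material for the "resources wasted" stats
location /trap/ {
    limit_rate 1;
    access_log /var/log/nginx/tarpit.log;
}

limit_rate throttles the response per connection, so each trapped bot just sits there holding a nearly idle connection.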
@timp @rysiek I used an infinite tree of links:
<!DOCTYPE html>
<html lang="en">
<head>
</head>
<body>
<?php
// Lowercase the requested URI and pull out whatever follows "?w=" (empty on the first visit).
$path   = mb_convert_case($_SERVER['REQUEST_URI'], MB_CASE_LOWER, "UTF-8");
$end    = explode('?w=', $path);
$prefix = $end[1] ?? '';

// Emit 26 links, each appending one more letter A–Z to the accumulated string,
// so every page fans out into an ever-deeper infinite tree of pages.
for ($i = 65; $i <= 90; $i++) {
    // Escape the request-supplied prefix before echoing it back into the page.
    $next = htmlspecialchars($prefix . chr($i), ENT_QUOTES);
    echo "<a href=\"tarpit.php?w=" . $next . "\">" . chr($i) . "</a><br>";
}
?>
</body>
</html>
@timp @rysiek You could just create a page that accepts any characters in the URL path and have it render a link to the "next" page, which is a procedurally generated string of characters based on the provided input. That generates an infinite* chain.
* Unless you create a collision in your procedural function; you could even just use a hashing function
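As a rough sketch of that idea (the /maze/ prefix, the sha256 choice, and the 16-character truncation are just assumptions):

<?php
// Hash-chain sketch: whatever token was requested deterministically
// produces exactly one "next" token, so the chain of links effectively never ends.
$token = basename(parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) ?? '/');
$next  = substr(hash('sha256', $token), 0, 16);   // hex output, so it is already URL- and HTML-safe
echo '<!DOCTYPE html><html lang="en"><body>';
echo '<a href="/maze/' . $next . '">' . $next . '</a>';
echo '</body></html>';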
@rysiek Could you procedurally generate a graph and basically get them stuck in a loop?
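Something like that could be as simple as a fixed set of nodes with deterministic edges (node count and strides below are arbitrary): every node always links to the same few neighbours, so a crawler following links just goes round and round inside a finite maze.

<?php
// Finite looping link graph: N nodes, each deterministically linking to three others,
// so a crawler that keeps following links simply cycles through the maze.
$nodes = 1000;                          // arbitrary maze size
$id    = abs((int)($_GET['n'] ?? 0)) % $nodes;
echo '<!DOCTYPE html><html lang="en"><body>';
foreach ([7, 31, 101] as $step) {       // arbitrary strides for the outgoing edges
    $next = ($id * $step + 1) % $nodes;
    echo '<a href="?n=' . $next . '">node ' . $next . '</a><br>';
}
echo '</body></html>';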