this post was submitted on 07 Jul 2025

586 points (98.3% liked)

Open Source

38699 readers

407 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

Cloak@lemmy.ml

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml

586

The Open-Source Software Saving the Internet From AI Bot Scrapers (www.404media.co)

submitted 1 day ago by fattyfoods to c/opensource@lemmy.ml

108 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] thedeadwalking4242@lemmy.world 8 points 23 hours ago (1 children)

I know people love anime myself included, but this popping up on my work PC can be frustrating

[–] ILikeBoobies@lemmy.ca 10 points 23 hours ago

Contact the administrator to ask them to change the landing page

[–] Panda@lemmy.today 34 points 1 day ago (2 children)

I've seen this pop up on websites a lot lately. Usually it takes a few seconds to load the website but there have been occasions where it seemed to hang as it was stuck on that screen for minutes and I ended up closing my browser tab because the website just wouldn't load.

Is this a (known) issue or is it intended to be like this?

[–] Cricket@lemmy.zip 2 points 16 hours ago

I have had a similar experience. Most sites with Anubis take only a few seconds to go through, but I ran into I think it was some small blog where it took at least 5 minutes. Like someone mentioned, it may have been how they set it up with number of hashes required. The site that took forever for me seemed to have some exorbitant number like 5k or 50k (I don't recall exactly).

[–] lime@feddit.nu 25 points 1 day ago (1 children)

anubis is basically a bitcoin miner, with the difficulty turned way down (and obviously not resulting in any coins), so it's inherently random. if it takes minutes it does seem like something is wrong though. maybe a network error?

[–] isolatedscotch@discuss.tchncs.de 19 points 1 day ago* (last edited 1 day ago) (1 children)

adding to this, some sites set the difficulty way higher then others, nerdvpn's invidious and redlib instances take about 5 seconds and some ~20k hashes, while privacyredirect's inatances are almost instant with less then 50 hashes each time

[–] RepleteLocum@lemmy.blahaj.zone 7 points 1 day ago (4 children)

So they make the internet worse for poor people? I could get through 20k in a second, but someone with just an old laptop would take a few minutes, no?

[–] MadPsyentist@lemmy.nz 4 points 12 hours ago

Just wait till they hit my homepage with a 200mb react frontend, 9 seperate tracking / analytics scripts and generic shopify scripts on it :P

[–] CrabAndBroom@lemmy.ml 5 points 18 hours ago

Isn't that just the way things work in general though? If you have a worse computer, everything is going to be slower, broadly speaking.

[–] isolatedscotch@discuss.tchncs.de 11 points 22 hours ago

So they make the internet worse for poor people? I could get through 20k in a second, but someone with just an old laptop would take a few minutes, no?

i mean, kinda? you are absolutely right that someone with an old pc might need to wait a few extra seconds, but the speed is ultimately throttled by the browser

[–] JackbyDev@programming.dev 6 points 23 hours ago

Well, it's the scrapers that are causing the problem.

[–] unexposedhazard@discuss.tchncs.de 124 points 1 day ago* (last edited 1 day ago) (3 children)

Non paywalled link https://archive.is/VcoE1

It basically boils down to making the browser do some cpu heavy calculations before allowing access. This is no problem for a single user, but for a bot farm this would increase the amount of compute power they need 100x or more.

[–] exu@feditown.com 11 points 1 day ago

It inherently blocks a lot of the simpler bots by requiring JavaScript as well.

[–] Mubelotix@jlai.lu 75 points 1 day ago (5 children)

Exactly. It's called proof-of-work and was originally invented to reduce spam emails but was later used by Bitcoin to control its growth speed

[–] JackbyDev@programming.dev 7 points 23 hours ago (2 children)

It's funby that older captchas could be viewed as proof of work algorithms now because image recognition is so good. (From using captchas.)

[–] Ferk@lemmy.ml 1 points 3 hours ago* (last edited 3 hours ago)

That's actually a good idea. A very simple "click the frog" captcha might be solvable by an AI but it would work as a way to make it more expensive for crawlers without wasting compute resources (energy!) on the user or slowing down old devices to a crawl. So in some ways it could be a better alternative to Anubis.

[–] Mubelotix@jlai.lu 4 points 18 hours ago* (last edited 18 hours ago)

Interesting stance. I have bought many tens of thousand of captcha soves for legitimate reasons, and I have now completely lost faith in them

load more comments (4 replies)

load more comments (1 replies)

[–] inbeesee@lemmy.world 2 points 22 hours ago

Fantastic article! Makes me less afraid to host a website with this potential solution

[–] Jankatarch@lemmy.world 40 points 1 day ago

Everytime I see anubis I get happy because I know the website has some quality information.

[–] interdimensionalmeme@lemmy.ml 9 points 1 day ago

Open source is also the AI scraper bots AND the internet itself, it is every character in the story.

[–] grysbok@lemmy.sdf.org 52 points 1 day ago

My archive's server uses Anubis and after initial configuration it's been pain-free. Also, I'm no longer getting multiple automated emails a day about how the server's timing out. It's great.

We went from about 3000 unique "pinky swear I'm not a bot" visitors per (iirc) half a day to 20 such visitors. Twenty is much more in-line with expectations.

[–] refalo@programming.dev 18 points 1 day ago* (last edited 1 day ago) (2 children)

I don't understand how/why this got so popular out of nowhere... the same solution has already existed for years in the form of haproxy-protection and a couple others... but nobody seems to care about those.

[–] LePoisson@lemmy.world 2 points 13 hours ago

Probably a similar reason as to why we don't hear about the other potential hundreds of competing products or solutions to the same problem (in general).

Luck.

It's just not fair in our world.

[–] Flipper@feddit.org 46 points 1 day ago (1 children)

Probably because the creator had a blog post that got shared around at a point in time where this exact problem was resonating with users.

It's not always about being first but about marketing.

[–] JohnEdwa@sopuli.xyz 26 points 1 day ago* (last edited 1 day ago) (1 children)

It’s not always about being first but about marketing.

And one has a cute catgirl mascot, the other a website that looks like a blockchain techbro startup.
I'm even willing to bet the amount of people that set up Anubis just to get the cute splash screen isn't insignificant.

[–] JackbyDev@programming.dev 17 points 23 hours ago

Compare and contrast.

High-performance traffic management and next-gen security with multi-cloud management and observability. Built for the enterprise — open source at heart.

Sounds like some over priced, vacuous, do-everything solution. Looks and sounds like every other tech website. Looks like it is meant to appeal to the people who still say "cyber". Looks and sounds like fauxpen source.

Weigh the soul of incoming HTTP requests to protect your website!

Cute. Adorable. Baby girl. Protect my website. Looks fun. Has one clear goal.

[–] fuzzy_tinker@lemmy.world 88 points 1 day ago (7 children)

This is fantastic and I appreciate that it scales well on the server side.

Ai scraping is a scourge and I would love to know the collective amount of power wasted due to the necessity of countermeasures like this and add this to the total wasted by ai.

load more comments (7 replies)

load more comments