
252 points lgats | 6 comments

I have been struggling with a bot ('Mozilla/5.0 (compatible; crawler)', coming from AWS Singapore) sending an absurd number of requests to a domain of mine, averaging over 700 requests/second for several months now. Thankfully, CloudFlare is able to handle the traffic with a simple WAF rule and 444 response to reduce the outbound traffic.

I've submitted several complaints to AWS to get this traffic to stop; their typical followup is: "We have engaged with our customer, and based on this engagement have determined that the reported activity does not require further action from AWS at this time."

I've tried various 4XX responses to see if the bot will back off, and I've tried 30X redirects (which it follows), to no avail.

The traffic is hitting numbers that require me to re-negotiate my contract with CloudFlare and is otherwise a nuisance when reviewing analytics/logs.

I've considered redirecting the entirety of the traffic to the AWS abuse report page, but at this scale, it's essentially a small DDoS network and sending it anywhere could be considered abuse in itself.

Are there others that have similar experience?

giardini ◴[] No.45613594[source]
Hire a lawyer and have him send the bill for his services to them immediately with a note on the consequences of ignoring his notices. Bill them aggressively.
replies(2): >>45614168 #>>45614202 #
1. Animats ◴[] No.45614168[source]
Yes. Computer Fraud and Abuse Act to start.

The first demand letter from a lawyer will usually stop this. The great thing about suing big companies is that they have to show up. You have no contractual agreement which prevents suing; this is entirely from the outside.

replies(1): >>45619604 #
2. SoftTalker ◴[] No.45619604[source]
Threatening to sue is one thing. Actually doing it will cost you time and money. And even if you get a judgement how are you going to collect from some rando in Singapore?
replies(1): >>45619950 #
3. tracker1 ◴[] No.45619950[source]
AWS isn't some rando in Singapore.
replies(1): >>45621333 #
4. SoftTalker ◴[] No.45621333{3}[source]
AWS isn't doing this. The rando renting the AWS instance in Singapore is.
replies(2): >>45622279 #>>45625768 #
5. Animats ◴[] No.45622279{4}[source]
There are ways. You sue AWS and "Does 1-50". Then AWS's lawyers become eager to tell you who misused their service so you can sue the other party. Talk to a lawyer.
6. impossiblefork ◴[] No.45625768{4}[source]
It's AWS's system and they have been informed that the spam/DDOS is ongoing.

They have control of what goes on on their computers and they are responsible.