I am working on a simple static website that gives visitors basic information about myself and the work I do. I want this as a way use to introduce myself to potential clients, collaborators, etc., rather than rely solely on LinkedIn as my visiting card.
This may seem sound rather oxymoronic given that I am literally going to be placing (some relevant) details about myself and my work on the internet, but I want to limit the websites’ access from bots, web scraping and content collection for LLMs.
Is this a realistic expectation?
Also, any suggestions on privacy respecting, yet inexpensive domains that I can purchase in Europe would be of super great help.
Speaking from experience, be careful you don’t become over-zealous in your anti-scraping efforts.
I often buy parts and equipment from a particular online supplier. I also use custom inventory software to catalog my parts. In the past, I could use cURL to pull from their website, and my software would parse the website and save part specifications to my local database.
They have since enacted intense anti-scraping measures, to the point that cURL no longer works. I’ve had to resort to having the software launch Firefox to load the web page, then the software extracts the HTML from Firefox.
I doubt that their goal was to block customers from accessing data for items they purchased, but that’s exactly what they did in my case. I’ve bought thousands of dollars of product from them in the past, but this was enough of a pain in the ass to make me consider switching to a supplier with a decent API or at least a less restrictive website.
Simple rate limiting may have been a better choice.
Try using “curl -A” to specify a User-Agent string that matches Chrome or Firefox.
I probably should have specified I’m using libcurl, but I did try the equivalent of what you suggested. I even tried setting a list of user agents and having it cycle through. None of them work. A lot of anti-scraping methods use much more complex schemes than just validating the user agent. In some cases, even a headless browser will be blocked.
I did this a while back for blocking LLMs and there are more methods discussed in that threads comments.
Scrape a bunch of Onion articles, link them together in an index, then post an invsible link from your home page that spiders will follow but humans can’t see.
Write a script to randomize the words on all the articles and link them in too. Then change the image tags to point to random wikimedia files.
If there’s one thing we’ve learned, it’s that there’s very little quality control. Channel your inner Ken Kesey / Merry Prankster. Have fun.
Why not add a basic http Auth to the site? Most web hosts provide a simple way to protect a site or directory.
You can have a simple username and pass for humans, but it will stop scrapers as they won’t get past the Auth challenge unless they know the details. I’m pretty sure you can even show login details in the Auth dialog, if you wanted to, rather than pre sharing them.
I don’t expect my potential collaborators and clients to make an account with username and passwords just to view my relevant details and works.
Or have I not understood your suggestion correctly?
https://en.wikipedia.org/wiki/Robots.txt
Should cover any polite web crawlers but it is voluntary.
https://platform.openai.com/docs/gptbot
Might have to put it behind a captcha or other type to severely limit automated access.
It’s not realistic to assume it won’t get scraped eventually. Such as someone paying people to bypass capatcha or web crawlers that don’t respect robots.txt. I also don’t know if Google and Microsoft bundle their AI data collection that doesn’t also remove your site from web search.
