可能没有一个神奇的银弹来照顾机器人，但这些建议的组合可能有助于阻止他们，并将他们减少到一个更易于管理的数量。 如果您需要对这些建议进行任何澄清，请告诉我:

Any images that depict the item should be either always the same image name (such as "current_item.jpg") or should be a random name that changes for each request. The server should know what the current item is and will deliver the appropriate image. This image should also have a random amount of padding to reduce bots comparing image sizes. (Possibly changing a watermark of some sort to deter more sophisticated bots). Remove the ALT text from these images. This text is usually redundant information that can be found elsewhere on the pages, or make them generic alt text (such as "Current item image would be here"). The description could change each time a Bag of Crap comes up. It could rotate (randomly) between a number of different names: "Random Crap", "BoC", "Crappy Crap", etc... Woot could also offer more items at the "Random Crap" price, or have the price be a random amount between $0.95 and $1.05 (only change price once for each time the Crap comes up, not for each user, for fairness) The Price, Description, and other areas that differentiate a BoC from other Woots could be images instead of text. These fields could also be Java (not javaScript) or Flash. While dependent on a third-party plug-in, it would make it more difficult for the bots to scrape your site in a useful manner. Using a combination of Images, Java, Flash, and maybe other technologies would be another way to make it more difficult for the bots. This would be a little more difficult to manage, as administrators would have to know many different platforms. There are other ways to obfuscate this information. Using a combination of client-side scripting (javascript, etc) and server-side obfuscation (random image names) would be the most likely way to do it without affecting the user experience. Adding some obfuscating Java and/or Flash, or similar would make it more difficult, while possibly minimally impacting some users. Combine some of these tactics with some that were mentioned above: if a page is reloaded more than x times per minute, then change the image name (if you had a static image name suggested above), or give them a two minute old cached page. There are some very sophisticated things you could do on the back end with user behavior tracking that might not take too much processing. You could off-load that work to a dedicated server to minimize the performance impact. Take some data from the request and send it to a dedicated server that can process that data. If it finds a suspected bot, based on its behavior, it can send a hook to another server (front end routing firewall, server, router, etc OR back-end web or content server) to add some additional security to these users. maybe add Java applets for these users, or require additional information from the user (do not pre-fill all fields in the order page, making a different field empty each time randomly, etc).

我有一个解决方案(可能)没有列出(因为我还没有读完这里所有的……)

您可以通过浏览器的User Agent字符串跟踪唯一用户。从本质上讲，通过检查哪些信息是可用的“唯一”，你将能够获得足够的信息来区分不同的人(即使是在相同的IP地址上)。

看看EFF写的这篇文章 以及这个网站(也由EFF)，将“测试”你的独特只是基于你的用户代理从浏览器。

为了获得更好的唯一性，你可以在唯一性和ip地址的信息位之间进行比较，从而真正得到罪犯/机器人的可能性。

也从EFF签出这个pdf

通过服务器上的iptables(如果是基于Linux的)或使用专用的“路由器”来限制每个IP地址的并发连接

为什么不让首页只是一个图像映射图形(所有一张图片没有标签，标签等)?人类在几乎任何设备上都能轻松阅读和理解，但机器人却无法进行询问。从本质上讲，整个首页都是一个验证码。

ASP.net AJAX控件工具包中的NoBot控件呢?

它做了一些自动javascript请求和计时技巧，以防止机器人在没有用户交互的情况下访问网站。

抱歉，如果这不符合要求，我得打个电话 tl;博士> D

我的解决方案是市场变革和技术变革的结合。

目前，销售垃圾促销袋部分的技术方面被处理为正常的woot销售。促销开始了，人们争相购买，所有的商品都卖光了。用于日常销售的相同统计图表都是用过的垃圾销售。

这里涉及到几个市场目标:

Get customers to visit the site once every day (impluse purchasing). The possiblility of a seeing a bag of crap sale is the reason/reward. Network/viral/gossipy effect where a customer sees a bag of crap sale is on they will IM/EMail/Telephone their friends. There is also what I'd call general "good will". Woot is a really cool place because it occasionally rewards its customers with amazing sales (bag of crap that included a flat panel tv)... AND its done in a fair "first comes first served" manner.

前两个似乎是最重要的。纯粹的访客数量会影响正常交易的销售速度(或销售一空)。传统上，新客户主要是通过口口相传来吸引的，让客户把自己的朋友推荐到woot.com是一种胜利。

所以…我的解决方案是将促销活动的递送方式改为更多的抽奖方式。

偶尔用户可以做一些有趣的事情，看看他们是否有资格得到一袋垃圾。有趣的内容可以是类似“punch The monkey”或Orbitz迷你看球游戏、棒球或曲棍球的愚蠢flash游戏。这里的目标是机器人无法编写脚本的游戏，因此需要相当谨慎。我们的目标也不仅仅是给游戏赢家一袋垃圾……但对所有游戏玩家来说。

The technical core of the game is that at the end of the game a request is made to a server that does an "instant lottery" to determine if the user has won a bag of crap sale opportunity. The server request will need to include something calculated by the game itself (roughly speaking "hash cash"... a complex, CPU cycle consuming, calculation, and hopefully one that is difficult to reproduce). This is to prevent a bot from repeatedly entering the lottery just be querying the lottery server/service.

游戏本身也会随着时间而改变。你可以为万圣节、圣诞节、情人节、复活节等制作特殊事件游戏。还有许多有趣的营销理念可以与woot的“wooiness”相匹配。

If the user wins they can purchase N bags of crap (in a time limited window)... but they can also send N friends a time limited invitation to purchase a bag of crap (good for 24 hours). This provides a super strong network effect... customers will definately tell their friends. Or you could also do it as "buy 1 give 1"... let customers buy up to a total of N but force every second one to be shipped to a friend. The key here is to make the network/gossip effect an full fledged part... help the customer tell the world about the wonderfulness of woot.

促销材料周围袋垃圾销售概念也将需要修改。一袋垃圾多快卖完的图表已经无关紧要了。比如每个月人们有多少次机会购买。有多少人告诉他们的朋友。材料应该微妙地强调这一点，每天去拜访是一个好主意。

你也可以宣传为什么一袋垃圾的销售正在改变。尤其是你免费雇佣了最烂的顾问。