I've accepted an answer, but sadly, I believe we're stuck with our original worst case scenario: CAPTCHA everyone on purchase attempts of the crap. Short explanation: caching / web farms make it impossible to track hits, and any workaround (sending a non-cached web-beacon, writing to a unified table, etc.) slows the site down worse than the bots would. There is likely some pricey hardware from Cisco or the like that can help at a high level, but it's hard to justify the cost if CAPTCHA-ing everyone is an alternative. I'll attempt a more full explanation later, as well as cleaning this up for future searchers (though others are welcome to try, as it's community wiki).

情况

这是关于woot.com上的垃圾销售。我是Woot Workshop的总统,Woot Workshop是Woot的子公司,负责设计,撰写产品描述,播客,博客文章,并主持论坛。我使用CSS/HTML,对其他技术几乎不熟悉。我与开发人员密切合作,在这里讨论了所有的答案(以及我们的许多其他想法)。

可用性是我工作的重要组成部分,而让网站变得令人兴奋和有趣则是剩下的大部分工作。这就是下面三个目标的来源。验证码损害了可用性,机器人从我们的垃圾销售中偷走了乐趣和兴奋。

机器人一秒钟就会在我们的首页上猛击数十次屏幕抓取(和/或扫描我们的RSS),以寻找随机垃圾销售。他们一看到这个,就会触发程序的第二阶段登录,点击“我要一个”,填好表格,然后买下这些垃圾。

评价

lc:在stackoverflow和其他使用此方法的站点上,他们几乎总是处理已验证(登录)的用户,因为正在尝试的任务需要这样。

在Woot上,匿名(未登录)用户可以查看我们的主页。换句话说,撞击机器人可以不经过身份验证(除了IP地址之外基本上无法跟踪)。

所以我们又回到了扫描IP, a)在这个云网络和垃圾邮件僵尸的时代是相当无用的,b)考虑到来自一个IP地址的业务数量,捕获了太多无辜的人(更不用说非静态IP isp的问题和试图跟踪它的潜在性能影响)。

还有,让别人给我们打电话是最糟糕的情况。我们能让他们给你打电话吗?

布拉德克:内德·巴切德的方法看起来很酷,但它们是专门设计来击败为网络站点构建的机器人的。我们的问题是机器人是专门用来破坏我们网站的。其中一些方法可能只在很短的时间内有效,直到脚本编写人员将他们的机器人进化为忽略蜜罐,从屏幕上抓取附近的标签名称而不是表单id,并使用支持javascript的浏览器控件。

 

lc再次说道:“当然,除非炒作是你们营销计划的一部分。”是的,绝对是。当物品出现时的惊喜,以及当你设法得到一件物品时的兴奋,可能比你实际得到的垃圾一样重要,甚至更重要。任何消除先到/先得的东西都不利于“赢”的快感。

 

novatrust:就我个人而言,欢迎我们新的机器人霸主。我们实际上提供RSSfeeds,允许第三方应用程序扫描我们的网站的产品信息,但不是在主站HTML之前。如果我的理解正确的话,你的解决方案通过完全牺牲目标1来帮助目标2(性能问题),并放弃机器人将购买大部分垃圾的事实。我给你的回答投了赞成票,因为你最后一段的悲观情绪对我来说是准确的。这里似乎没有什么灵丹妙药。

其余的响应通常依赖于IP跟踪,这似乎是无用的(僵尸网络/僵尸/云网络)和有害的(捕获许多来自相同IP目的地的无辜的人)。

还有其他方法/想法吗?我的开发人员一直在说“让我们只做验证码”,但我希望有更少的侵入性方法,让所有真正想要我们的垃圾的人。

最初的问题

假设你卖的东西很便宜,但有很高的感知价值,而你的数量非常有限。没有人确切地知道你什么时候会卖这个东西。超过一百万人经常来看你卖什么。

你最终会发现脚本和机器人试图通过编程方式[a]找出你何时出售该道具,[b]确保他们是第一批购买该道具的人。这很糟糕,有两个原因:

你的网站被非人类攻击,拖慢了所有人的速度。 编剧最终“赢得”了产品,让常客感到被骗了。

一个看似显而易见的解决方案是为用户在下单前设置一些障碍,但这至少有三个问题:

The user experience sucks for humans, as they have to decipher CAPTCHA, pick out the cat, or solve a math problem. If the perceived benefit is high enough, and the crowd large enough, some group will find their way around any tweak, leading to an arms race. (This is especially true the simpler the tweak is; hidden 'comments' form, re-arranging the form elements, mis-labeling them, hidden 'gotcha' text all will work once and then need to be changed to fight targeting this specific form.) Even if the scripters can't 'solve' your tweak it doesn't prevent them from slamming your front page, and then sounding an alarm for the scripter to fill out the order, manually. Given they get the advantage from solving [a], they will likely still win [b] since they'll be the first humans reaching the order page. Additionally, 1. still happens, causing server errors and a decreased performance for everyone.

另一种解决方案是经常监视ip攻击,阻止它们进入防火墙,或以其他方式阻止它们排序。这个可以解2。和阻止[b],但扫描ip对性能的影响是巨大的,可能会导致更多像1这样的问题。比编剧自己造成的还要严重。此外,云网络和垃圾邮件僵尸的可能性使得IP检查相当无用。

第三个想法,强迫订单表单加载一段时间(比如半秒),可能会减慢快速订单的进度,但同样,脚本编写人员仍然是第一个进入的人,在任何速度下都不会对实际用户造成损害。

目标

将道具卖给非脚本人。 保持网站运行的速度不被机器人减慢。 不要让“正常”用户完成任何任务来证明他们是人类。


当前回答

假定原则:

第一个屏幕必须是非常简单的低开销HTML,带有一个易于识别的按钮(游戏邦注:无论是机器人还是玩家),以明确表示“我想要我的垃圾”。因为我们假设了最坏的情况-你有来自机器人和非机器人组合的DOS攻击,所有人都首先点击网站(就可识别性而言)。所以让我们尽快把这些从缓存,良性回声机器人等中分发出去。

(注:就追求者而言,这就是发生的事情;这对用户和Woot来说都是痛苦的,所以任何有助于吸收或缓解首次屏幕获取的内容都符合三方的利益。)

然后,对于非机器人来说,这个过程不需要比现在更糟糕,对于正版机器人来说,不需要额外的步骤(或痛苦)。(关于当前设计的背景说明:当前的wooters通常已经签约,或者可以在购买过程中签约。新买家需要在购买时进行注册。所以实际上已经注册和已经登录会更快。)

为了完成垃圾销售,需要导航一系列交易屏幕(比如5个正负,取决于具体情况)。获胜者是第一个完成全部导航的人。当前进程奖励那些最快完成整个5个屏幕序列的机器人(或其他人);但整个进程都偏向于快速响应(即机器人)。

毫无疑问,机器人将在第一个屏幕上占据优势;无论他们在这一点上取得了什么优势,他们都会在剩下的屏幕上保持下去,再加上身体在其他阶段提供的任何优势。


What if Woot were to intentionally decouple the queuing process after the first screen, and feed every session from that point into a sequence of fixed-minimum-time steps? The second screen wouldn't even be presented until 30 seconds had passed; after it was submitted, same for the following screens. I bet wooters would have no problem if they were told that, after the first screen, they would wait in a queue (which is already true) that would spread the load over time in a way that should take no longer than before, be more robust, and help weed out the bots. At this point you can throw in some of the bot speedbumps listed above (subtle variations in DOM objects, etc.) Just the benefit from the perception that Woot is a little more in control of things would help.

If a much higher proportion of the BOC initial hits could segue into a bot-unfriendlier non-time-critical process on their first hit (or close to it), rather than retrying, then real people who get past that point would have more confidence. For sure it would be less hostile than the current situation. It might cut down on the background-noise-ambient-bot-rate that's going on all the time even under normal Woot-Off circumstances. And the bots would lay off the main page and sit in the queue with each other (and everyone else) where they have no advantage.

Hmmm... The concept "apartment-threaded" comes to mind. I wonder if the pattern is approximately useful? A useful core concept here is being able, after the first screen, to track accumulated total time in queue and be able to adjust to standard. As a bot-mitigation strategy, you would have a little bit of flexibility to maybe fudge the very earliest sessions by maybe 5-10 seconds; doing so would probably be undetectable, but would result in a richer non-bot purchase mix. I'm sure you have statistics to help evaluate stuff like this after the fact. Just for fun, you could (at least for one wootoff) put together your own bot that combines the best features you've seen, and then hand it out to everyone the day before. Then at least everyone would be equally armed. (Then duck ... incoming ...)

其他回答

这里最重要的事情是改变系统,从你的服务器上移除负载,防止机器人在不让奶瓶商知道你在和他们玩游戏的情况下赢得这袋垃圾,否则他们会修改他们的策略。我认为如果你们不进行一些处理,就没有办法做到这一点。

So you record hits on your home page. Whenever someone hits the page that connection is compared to its last hit, and if it was too quick then it is sent a version of the page without the offer. This can be done by some sort of load balancing mechanism that sends bots (the hits that are too fast) to a server that simply serves cached versions of your home page; real people get sent to the good server. This takes the load off the main server and makes the bots think that they are still being served the pages correctly.

如果这个提议能以某种方式被拒绝就更好了。然后你仍然可以在假服务器上提供报价,但当机器人填写表格时,说“对不起,你不够快”:)然后他们肯定会认为他们还在游戏中。

使用JavaScript动态地将信息写入页面。如果没有JS渲染引擎,屏幕抓取器和机器人肯定无法读取信息。

你需要想办法让机器人购买价格过高的东西:12毫米的坚果:20美元。看看有多少机器人在编剧认为你在耍他们之前抢了过来。

用这些利润购买更多的服务器和支付带宽。

我同意OP在这里-请不要验证码-这不是一个非常woot的做事方式。

首先设置一些机器人陷阱。我会在主页上更经常地提到BOC,让机器人看起来不智能,所以每次措辞都不同。“中行投诉上升!”所以扫描关键词的机器人会被困住。

然而,我认为真正的问题是双重的,首先是你需要解决的性能问题,今天是机器人造成了一个问题,但它向我表明,有一个性能问题需要解决。

其次,这是一个商业机会,可以把一些真正的垃圾转化为利润。所以我将保持整体woot风格并声明“我们检查机器人”。如果我们认为你是机器人,你就会得到一盒垃圾。”

机器人检查将在销售完成后的某个时间离线完成,使用机器人陷阱,IP号码,cookie,会话,浏览器字符串等。对你获得的购买者数据做一些认真的分析,以决定谁得到了废话。如果你决定发布垃圾,那么你就可以把一些正常的垃圾卖给别人。

以下是你可以做的一些合理假设:

Any automated solution can and will be broken. Making the site completely require human input (eg CAPTCHA) will greatly increase the difficulty of logging in/checking out/etc. You have a limited number of Bandoliers of Cabbage to sell. You can track users by session via a client-side cookie. You aren't dealing with extremely hardcore criminals here; these are simply technical people who are bending, but not breaking, the law. Successful orders via bots will go to the person's home, and likely not some third-party mail drop.

解决方案不是技术上的。这是一个政策问题。

在web服务器上记录所有客户端会话id。 制定“限制机器人”政策;比如,每X秒刮一次屏幕,让使用普通浏览器的用户能够点击刷新。任何被发现超过这个限制的用户都不会被开除。 接下来,向已知的机器人所有者发送一堆leakfrog。