你不能停止正常的屏幕抓取。不管是好是坏，这就是网络的本质。

你可以让任何人都不能访问某些东西(包括音乐文件)，除非他们以注册用户的身份登录。在Apache中做到这一点并不难。我想在IIS中也不会太难。

快速解决这个问题的方法是设置一个陷阱。

Make a page that if it's opened a certain amount of times or even opened at all, will collect certain information like the IP and whatnot (you can also consider irregularities or patterns but this page shouldn't have to be opened at all). Make a link to this in your page that is hidden with CSS display:none; or left:-9999px; positon:absolute; try to place it in places that are less unlikely to be ignored like where your content falls under and not your footer as sometimes bots can choose to forget about certain parts of a page. In your robots.txt file set a whole bunch of disallow rules to pages you don't want friendly bots (LOL, like they have happy faces!) to gather information on and set this page as one of them. Now, If a friendly bot comes through it should ignore that page. Right but that still isn't good enough. Make a couple more of these pages or somehow re-route a page to accept differnt names. and then place more disallow rules to these trap pages in your robots.txt file alongside pages you want ignored. Collect the IP of these bots or anyone that enters into these pages, don't ban them but make a function to display noodled text in your content like random numbers, copyright notices, specific text strings, display scary pictures, basically anything to hinder your good content. You can also set links that point to a page which will take forever to load ie. in php you can use the sleep() function. This will fight the crawler back if it has some sort of detection to bypass pages that take way too long to load as some well written bots are set to process X amount of links at a time. If you have made specific text strings/sentences why not go to your favorite search engine and search for them, it might show you where your content is ending up.

无论如何，如果你从战术和创造性的角度思考，这可能是一个很好的起点。最好的办法就是学习机器人是如何工作的。

我还会考虑打乱一些ID或页面元素上的属性显示方式:

<a class="someclass" href="../xyz/abc" rel="nofollow" title="sometitle"> 

每次都会改变它的形式，因为一些机器人可能会在你的页面或目标元素中寻找特定的模式。

<a title="sometitle" href="../xyz/abc" rel="nofollow" class="someclass"> 

id="p-12802" > id="p-00392"

方法一(小型场地适用): 提供加密/编码的数据。我使用python (urllib, requests, beautifulSoup等)对web进行了Scape，发现许多网站提供加密/编码的数据，这些数据在任何编程语言中都无法解密，因为加密方法不存在。

我在一个PHP网站上通过加密和最小化输出实现了这一点(警告:这对大型网站来说不是一个好主意)，响应总是混乱的内容。

最小化PHP输出的例子(如何最小化PHP页面html输出?):

<?php
  function sanitize_output($buffer) {
    $search = array(
      '/\>[^\S ]+/s', // strip whitespaces after tags, except space
      '/[^\S ]+\</s', // strip whitespaces before tags, except space
      '/(\s)+/s'      // shorten multiple whitespace sequences
    );
    $replace = array('>', '<', '\\1');
    $buffer = preg_replace($search, $replace, $buffer);
    return $buffer;
  }
  ob_start("sanitize_output");
?>

方法二: 如果你不能阻止他们，那就给他们提供虚假/无用的数据作为回应。

方法三: 阻止常见的抓取用户代理，你会在主要/大型网站上看到这一点，因为你的user - agent不可能用“python3.4”来抓取它们。

方法四: 确保所有的用户标题都是有效的，我有时提供尽可能多的标题，使我的刮板看起来像一个真实的用户，其中一些甚至不是真实或有效的像en-FU:)。 下面是我通常提供的一些头文件的列表。

headers = {
  "Requested-URI": "/example",
  "Request-Method": "GET",
  "Remote-IP-Address": "656.787.909.121",
  "Remote-IP-Port": "69696",
  "Protocol-version": "HTTP/1.1",
  "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
  "Accept-Encoding": "gzip,deflate",
  "Accept-Language": "en-FU,en;q=0.8",
  "Cache-Control": "max-age=0",
  "Connection": "keep-alive",
  "Dnt": "1",  
  "Host": "http://example.com",
  "Referer": "http://example.com",
  "Upgrade-Insecure-Requests": "1",
  "User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36"
}

你可以做一些事情来防止屏幕抓取。有些不是很有效，而另一些(验证码)是，但阻碍可用性。你必须记住，它也可能阻碍合法的网站刮刀，如搜索引擎索引。

然而，我认为如果你不希望它被删除，这意味着你也不希望搜索引擎索引它。

这里有一些你可以尝试的方法:

Show the text in an image. This is quite reliable, and is less of a pain on the user than a CAPTCHA, but means they won't be able to cut and paste and it won't scale prettily or be accessible. Use a CAPTCHA and require it to be completed before returning the page. This is a reliable method, but also the biggest pain to impose on a user. Require the user to sign up for an account before viewing the pages, and confirm their email address. This will be pretty effective, but not totally - a screen-scraper might set up an account and might cleverly program their script to log in for them. If the client's user-agent string is empty, block access. A site-scraping script will often be lazily programmed and won't set a user-agent string, whereas all web browsers will. You can set up a black list of known screen scraper user-agent strings as you discover them. Again, this will only help the lazily-coded ones; a programmer who knows what he's doing can set a user-agent string to impersonate a web browser. Change the URL path often. When you change it, make sure the old one keeps working, but only for as long as one user is likely to have their browser open. Make it hard to predict what the new URL path will be. This will make it difficult for scripts to grab it if their URL is hard-coded. It'd be best to do this with some kind of script.

如果我必须这样做，我可能会结合使用后三种方法，因为它们最大限度地减少了对合法用户的不便。然而，你必须接受这样的事实:你不可能用这种方式屏蔽所有人，一旦有人想出了绕过它的方法，他们就可以永远地刮掉它。我猜你可以在发现他们的时候屏蔽他们的IP地址。

对不起，这真的很难做到……

我建议你礼貌地要求他们不要使用你的内容(如果你的内容是受版权保护的)。

如果是这样，他们不把它撤下来，那么你可以采取进一步的行动，给他们发一封停止通知信。

一般来说，无论你做什么来防止抓取可能最终会产生更负面的影响，例如可访问性，机器人/蜘蛛等。

从技术角度来看: 只需模拟谷歌在一次使用太多查询时的情况。这应该能让很多人停止。

从法律角度看: 听起来你发布的数据并不是私有的。这意味着你发布的名字、数据和其他信息是不受版权保护的。

如果是这种情况，刮刮器通过重新分发您的艺术家姓名等信息并没有侵犯版权。然而，当他们将你的网站加载到内存中时，他们可能侵犯了版权，因为你的网站包含了可版权的元素(如布局等)。

我建议你阅读Facebook诉Power.com的文章，看看Facebook如何阻止屏幕抓取。有很多合法的方法可以阻止别人窃取你的网站。他们可以影响深远，富有想象力。有时法院会相信这些论点。有时他们不会。

但是，假设你发布的是不受版权保护的公共领域信息，比如名字和基本数据……你应该以言论自由和开放数据的名义让它随风而逝。这就是网络的意义所在。