Reasons to block Bytedance and Bytespider Bots:
- They do not respect robots.txt rules.
- They are using well-known hosting services to bypass normal blocking channels or methods. For example, they are using AmazonAWS services to crawl websites and mask (or re-route) their origin IPs.
- Their crawling rates are extremely high.
- Typically, the bots’ origin IPs geolocation is China. When blocking the bots’ User Agents, the origin IPs geolocation changes to Singapore (another haven for malicious bots or bad actors).
wordpress.org
ModSecurity is an open-source web-based firewall application (or WAF) supported by different web servers: Apache, Nginx and IIS.
Open file modsecurity.conf
/etc/modsecurity/modsecurity.conf
Add the following code at the end, with a blank line at the end.
Code:
SecRule REQUEST_HEADERS:User-Agent "@contains bytedance" "id:'1000000',t:none,t:lowercase,deny,nolog"
SecRule REQUEST_HEADERS:User-Agent "@contains bytespider" "id:'1000001',t:none,t:lowercase,deny,nolog"Then run the following commands to restart Apache.
Code:
sudo apache2ctl configtest
sudo systemctl reload apache2
