• ares35
      link
      fedilink
      9
      edit-2
      11 months ago

      my own site for my very small business gets about 10 legit visitors a week, none of which have ever connected via a known vpn address (dating back some 15 years). another 100 page views a week on average from legit bots (msn, google, etc).

      the rest (and well over 95% of overall traffic) is bots, scrapers, and hackers, many of which use addresses linked to vpn services and pound the sites on the server looking for exploitable scripts (wordpress related, usually; which we’ve never run here), login and contact forms. if i could simply ‘flip a switch’ and redirect all vpn traffic to a separate landing page, i would seriously consider doing so. it wouldn’t affect site availability to our legit users and our target audience. but for now, mod_security is doing a stellar job and is the mvp.