> Yeah, you can't really talk about downsides of Recaptcha/Cloudflare without also acknowledging the extreme amount of malicious actors and abuse on the internet.
What percentage of traffic on the long tail of 95% of smallest websites served by CF is malicious then? So that we talk in numbers.
I have run a number of small and medium websites (20 users per month up to 2 million). At least 50% of the traffic I see in my logs includes some sql injection or other mass script kiddie bs.
It might be a poor business decision, but probably not for the reason most people would think.
An unusual UA is unlikely to move the needle on top line metrics, but it is a distraction and a misuse of resources to play cat and mouse. (Unless your business would be materially harmed by someone scraping your data... in which case, you’re doomed anyway.)
I've looked at my logs, and obvious nonsense like POST or GETs with any search params on a website that only has static html pages wich should not generate these kinds of requests is about 1% of last 25000 requests.
What percentage of traffic on the long tail of 95% of smallest websites served by CF is malicious then? So that we talk in numbers.