top | item 47204906

(no title)

One issue I keep noticing is that most anti-bot systems optimize for blocking instead of increasing friction progressively.

Rate limits tied to behavioral patterns rather than identity seem to work better — especially interaction timing, navigation flow, or session consistency.

We experimented with something similar while building HiveHQ and found bots usually fail when systems require small contextual actions humans do naturally.

discuss

judahmeek|15 hours ago

So... use advanced pattern matching to determine human patterns & reject outliers?

Interaction timing is like rate limiting, but more granular

Navigation flow is a basically requiring bots to use a headless browser instead of API's

What does session consistency mean in this context? Restricting to a limited number of interests & activity times?