You Don't Need Anubis

Web owners are fed up with Anubis, the “solve-a-puzzle before you enter” gate meant to stop scrapers from copying their sites. The hot take of the day: you don’t need Anubis if your only worry is AI scrapers, because most of them don’t run JavaScript—and a tiny cookie trick works just as well. Cue chaos. Security legend tptacek drops the hammer: “the PoW thing Anubis uses doesn’t make sense,” arguing the math behind those compute puzzles is misapplied. Then uqers storms in waving receipts: the cost math is wrong, calling out the claim that scraping Anubis costs “$0.00” as bad accounting. Meanwhile, gucci-on-fleek says when Anubis switched to a JavaScript challenge, “my server got overloaded,” turning the “bots don’t run JS” claim into a cliffhanger. And indrora warns: the bots are learning—they’re increasingly running JS, so this cookie trick is just the latest speed bump.

The users? Furious. yellow_lead says Anubis “fails completely” way too often, and even when it works, it delays real people, creating a meme-y vibe of “solve a Sudoku just to read a blog.” The community splits into camps: Team Ditch-It wants a barely-there JS cookie check, Team Keep-It says Anubis still helps during real attacks, and Team Cloudflare shrugs: use the big shield when things get serious. Drama, math fights, and CAPTCHA fatigue—peak internet energy.