@molly0xfff Isn't there a possibility of option 1.1? Keep things open but have SOMETHING in place to keep the abuse, at least moderately, in check?
@scottjenson sure. i'm not saying everyone should, say, drop DDoS protection.
but "only allow humans to access" is just not a feasible metric — you will ALWAYS let bots through and prevent humans, and you need to decide where you want to set the cutoff.
@molly0xfff Oh completely agree! Didn't mean to take away from your main point.