Whate are alternatives to using cookies/client-side storage for a PHP/MySQL based site on Apache. Scenario/Requirements: I want to try using some anti-bot code to prevent specific scrapers etc. from accessing the site. I would like to run this code before launching the rest of the site (before DB access etc.). I don't want to constantly run the same code on every page-load after a visitor has passed the initial check. I'd like to avoid the use of Cookies/Client side storage if at all possible. The only solution I can currently think of is to write files to the server based on the visitors IP/UA, or to write a list of them to a single file. Yet this has the limitation of multiple users through a proxy/same connection, etc ... So, any ideas/suggestions? Or am I simply over working the issue?