Admittedly, the whole stupidity of the article aside, they do make a valid point with their "triggering processes" bit. GET should not perform side-effects. That's what POST is for.
Also, for your blog, have you considered password-protecting it? As in, http passwords, which are still (surprisingly) a thing. You can even have a password-free landing page handing the password out to every human that visits, with an onward link to the password-protected site. That should stop the bots but keep letting the humans in.
> GET should not perform side-effects. That's what POST is for.
I agree, although not all triggered processes are things that cause changes; some might be calculations that are unnecessary for crawling, and other stuff like that.
> Also, for your blog, have you considered password-protecting it? As in, http passwords, which are still (surprisingly) a thing. You can even have a password-free landing page handing the password out to every human that visits, with an onward link to the password-protected site. That should stop the bots but keep letting the humans in.
I think it is a reasonable idea, although you can also add text into the password prompt that you can use to figure out the password (as the "realm" text). This also means that you will not need to use cookies.
Also, for your blog, have you considered password-protecting it? As in, http passwords, which are still (surprisingly) a thing. You can even have a password-free landing page handing the password out to every human that visits, with an onward link to the password-protected site. That should stop the bots but keep letting the humans in.