Hackers use bots to scan your web application’s front end and exploit vulnerabilities for access and control.
StackPath`s Bot Shield blocks unauthorized vulnerability scans by detecting them and preventing them from reaching your application directly. This denies them the ability to map your site and plan malicious activities, making an attack much more difficult and expensive. Our solution provides the following features:
- Easy and accurate defense against malicious bots without impacting legitimate users
- State-of-the-art detection and mitigation methods neutralize emerging bot threats like web scraping and data theft
- Bots and Threat information is updated in real-time for all StackPath customers
- Full traffic data available through the StackPath control portal
Bot Detection and Mitigation
Our bot mitigation solution utilizes different methods to prevent bad actors from accessing your application:
- User-Agent detection: Requests with invalid (known to be bad) or missing User-Agents will get blocked
- Behavioral analysis: challenges or blocks requests based on ab-normal user behavior
By default, StackPath will block any bot that is not under the Allowed Known Bots bots section (WAF whitelisted bots). This section can be found at the bottom of your WAF policies page.
If you have a specific service that is not listed under “Known bots” please contact us at firstname.lastname@example.org with the bot details. This list is updated regularly and we will be happy to consider adding services that our customers are using.