May 11 2023
Apr 18 2023
Did you know that up to 1/3 of website visitors aren’t even human anymore? Bots are taking over the web. They can hack a site, steal sensitive data that was supposed to be secured, and drive up the cost of operating an online business, all before anyone knows they were even there.
A lot of bots do good stuff for the internet, but most of them are automated hacking machines. According to some estimates, bots account for more than 97% of web application attacks and they’re creating serious headaches for online businesses across the spectrum.
nixCraft, run by Vivek Gite, is one of the largest Unix tutorial blogs, with over 250,000 followers (between Twitter and Facebook), and covers Linux tips, hacks, and tutorials.
According to Alexa, his blog has a traffic ranking of 3,703 in the US and a slightly higher ranking internationally. Ranking is calculated using a combination of visitors to the site and page views over the past month.
Vivek discovered that subscriber bots accounted for hundreds of newsletter signups per day. Given his site’s popularity, this was costing him a great deal of money.
Subscriber bots, in a way, commit a form of identity theft on the web; they act as if they’re legitimate humans visiting websites, but they do it with malicious intent. In extreme cases, such as a DDoS attack, bots can easily cause a site to crash completely.
The bots ended up increasing my bandwidth usage, driving up my email sending costs, and eating up disk space on my server. It was evident that nixCraft’s newsletter service was under attack. WAF from StackPath helped me stop the bots and the fake subscriptions. I’m very happy with it.
Vivek Gite
Using StackPath’s suite of WAF Rules, Vivek was able to cripple the bots’ attacks on his site at a very early stage in their scheme. He tweeted how he was driving down bot attacks using StackPath SecureCDN:
Getting so many fake subscriber bots for newsletter per day mostly https://t.co/yizEwdLWI4. I had to stop em using WAF
@StackPath/@MaxCDN pic.twitter.com/yrRlI9i8Aj
Not all bots are bad. Google employs bots that crawl around the web scouting out the best information, and many bots help the web run smoothly, improve efficiency or provide deep analysis.
We’re concerned with the bad bots. They outnumber good bots on the web by more than two to one. These bots scan websites for vulnerabilities with the aim of hacking into a site. Once inside, bots can retrieve all sorts of supposedly secured information, from personal data to financial information and corporate secrets.
The bots attacking nixCraft, thank the heavens, weren’t seeking highly confidential corporate secrets. They were taking advantage of a very basic security flaw to make fraudulent gains and meet malicious ends. Here is exactly how nixCraft nixed the bots:
StackPath’s enterprise-grade WAF (web application firewall), included in every SecureCDN plan, gives users dozens of powerful ways to configure protection against common and more complex bot attacks. Once WAF is enabled, all sites are automatically covered with DDoS protection.
The rule said: if the HTTP method for the newsletter subscription request was POST, StackPath WAF would trigger a Captcha challenge as the action. Only a successful Captcha challenge would result in a subscription, thereby validating the submission as coming from a human rather than a bot.
WAF also contains behavioral and reputational algorithms that protect against even the most sophisticated bots, preventing them from scraping, learning, or attacking a site’s common points of compromise.
Sign up for a 15-Day Free Trial and see what StackPath can do for you.