-
Notifications
You must be signed in to change notification settings - Fork 110
Bot Protection
Nowadays malicious bots and L7 DDoS attacks dominate web traffic, frequently exceeding 40–50% of requests and causing resource exhaustion, data theft, fraud, performance degradation, and revenue loss. Tempesta FW + WebShield tackle this effectively: Tempesta FW generates detailed, near-zero-overhead access logs, stored in ClickHouse. WebShield, a lightweight daemon, continuously analyzes these logs for traffic spikes across various parameters — such as requests per second, cumulative response time, error rates, or unusual patterns per fingerprint/IP — using statistical methods like z-score thresholds on learned baselines or configured triggers. Upon detecting anomalies, it dynamically blocks offending clients (via Tempesta Fingerprints, IP sets, or nftables) with low latency, providing transparent, tunable, open-source protection.
- Home
- Requirements
- Installation
-
Configuration
- Migration from Nginx
- On-the-fly reconfiguration
- Handling clients
- Backend servers
- Load Balancing
- Caching Responses
- Non-Idempotent Requests
- Modify HTTP Messages
- Virtual hosts and locations
- HTTP Session Management
- HTTP Tables
- HTTP(S) Security
- Header Via
- Health monitor
- TLS
- Virtual host confusion
- Traffic Filtering by Fingerprints
- Access Log Analytics
- Run & Stop
- Application Performance Monitoring
- Use cases
- Performance
- Bot Protection
- Contributing