Skip to content

Web security pack

Web Security Pack is a bundle of tools for bot filtering and protection against server overload.

This tool acts as a proxy for filtering HTTP traffic between application servers. It is most commonly deployed between Nginx and Apache, or Nginx and HAProxy. Its goal is to limit access by automated bots that cause excessive server load or abuse web services.

How it works

Each incoming HTTP request is evaluated according to a set of rules that analyze headers, browser behavior, and other metadata. Based on this data, the system calculates the probability that the request comes from a bot and assigns the request an appropriate score. According to this score, requests are further processed:

  • Low risk: The request is allowed through without restrictions.
  • Medium risk: The client receives a simple verification step in the form of a meta refresh.
  • High risk: A JavaScript proof‑of‑work challenge is performed – a computational task that a typical device completes within 1 second.
  • Very high risk or known malicious origin: The request is blocked immediately.

After successful verification (challenge), the client is assigned a cookie that ensures seamless access for 7 days. Legitimate users typically do not notice any checks at all.

Rules and exceptions

The default configuration includes a set of rules that: - permanently allow useful and verified bots (e.g. Google, Bing, Seznam, Heureka) and payment gateway callbacks, - automatically block known malicious bots and networks that ignore robots.txt (especially Alibaba Cloud, Huawei Cloud), - allow configuring exceptions based on URL paths, IP addresses, or User‑Agents (e.g. payment gateways, APIs, data exports).

Exceptions can be added individually according to the needs of a specific project – for example for external API access or for systems that process automated requests.

Monitoring and statistics

Statistics and an overview of filtered traffic are available in Grafana within the client zone. The dashboard allows you to track the number of blocked requests, scoring, and the overall performance of the tool.

Graph of server load and its decrease after deploying the Web Security Pack:

Corresponding graphs of the Web Security Pack: