Chapter 14. Managing Automated Traffic

This chapter will address the final step of the process. Once you have an understanding of the types of automated traffic and you’ve successfully identified which ones are impacting your site, what action can you take against them?

As will be discussed in this chapter, there are a range of potential actions that can be taken against bots and it is important that you select the most appropriate means of handling bots while taking the following points into consideration:

• The impact of false positives (i.e., wrongly identifying a human user as a bot): Is there a way for a human user wrongly identified as a bot to resolve that error, and if so, could a bot use the same resolution? The consequences of allowing a bot through might be so negative that you are willing to risk a number of humans being impacted to preserve the security of your system.

• The ability of bot traffic to bypass that means of defense.

• The signal you want to give to the bot operator: Do you want them to be made aware that you have detected them, or will you choose instead to let them assume that their request was successful? Making them aware can have two disparate consequences: on the one hand, they might move on to someone else once they realize you are no longer an easy target, but on the other, it might motivate them to modify the sophistication of their bot to try and bypass your defenses (this will largely depend on how targeted the particular attack is).

These considerations ...