March 17 2023

Why Advanced Bot Management has become a Critical Layer in Website Security

It’s been a little over a year since ZAG began offering Cloudflare’s Advanced Bot Management as an optional additional security service for our clients’ hosting environments. With increasingly sophisticated cyber-attacks, Advanced Bot Management is now a critical layer in architecting a highly secure hosting environment appropriate for financial institutions. A year later, we’d like to review its impact on the health of our clients’ websites, so let’s take a minute to look back and see how it’s helped.

What is Bot Management?

First, let’s review what Advanced Bot Management is, and why you should consider adding this service to your hosting infrastructure. The internet is full of “bots” (automated programs that run without human intervention), and bots are used for various purposes. Some bots are “verified” and welcome, such as Google, but many are “unverified” and unwelcome, and they can cause a variety of trouble, from inaccuracies in your website’s data to something far worse, such as a malicious cyber-attack. All ZAG-hosted websites have security protections in place that work to filter unwanted traffic, including firewalls and Distributed Denial of Service (DDoS) Mitigation. DDoS is a type of malicious cyber-attack that renders a website or network unavailable, but in order to fully mitigate an attack, the bot traffic needs to follow a certain pattern so it can be properly flagged and filtered. As attacks become increasingly sophisticated and highly distributed, bots become more elusive, so adding multiple layers of protection is becoming even more relevant and critical to keep your website safe.

Why Our Clients Initially Considered Bot Management

Many of our clients had requested extra protection for forms, screen scraping and credential stuffing, and ZAG responded by adding Advanced Bot Management through our partnership with Cloudflare to meet this initial demand. But this service provides greater value beyond its original intended purpose and can be a true hero to your business or organization should you find yourselves under attack.

One Year of Bot Management Protection

In the past year, our clients who have had Advanced Bot Management in place have seen a measurable reduction in unwanted, unverified bot activity on their websites. For example, in the last 30 days the service has interrogated and scored over 100 million events that are either automated bots or likely automated bots for the clients who have the service in place. Because these clients were protected, those 100 million events were presented with a challenge to verify that the traffic was appropriate to allow through to the website, and with the proper measures in place, the inappropriate traffic was blocked.
 
Where the impact of this service was most remarkable, however, was in two cases for clients who did not initially elect to add Advanced Bot Management to their suite of hosting services with us. Their stories are powerful and summarized below.

  • Client A had DDoS Mitigation but not Bot Management as part of their hosting package. They were hit with a DDoS attack and approximately 60% of the traffic hitting their site was mitigated by the DDoS Mitigation service, meaning that the bad traffic was prevented from getting through to Client A’s website. However, this was a sophisticated attack where the remaining 40% of the unwanted bot traffic was so highly distributed that it did not meet the threshold to be stopped by DDoS Mitigation. That traffic eluded mitigation, overwhelmed the site and, unfortunately, degraded site performance to an unacceptable level. Upon investigation, the ZAG Network Security team swiftly implemented Cloudflare Advanced Bot Management, which quickly identified the highly distributed bots as unwanted, mitigating the attack and returning the site to normal performance.

  • In another example, Client B also had DDoS Mitigation but not Bot Management as part of their hosting package. They were hit with a relatively small DDoS attack initially, during which 70% of the traffic met the threshold for DDoS Mitigation and the site performance was mildly impacted. This attack, however, was highly coordinated, and after a ransom message was sent to the client threatening a larger attack if funds were not transferred, the site was eventually hit by a massive and highly distributed attack that again was only partially mitigated by DDoS protections. Once again, ZAG Network Security applied the Cloudflare Advanced Bot Management protection to thwart the unwanted traffic eluding DDoS detection, and the site was able to be returned to normal in less than 5 minutes.

How to Stay Protected from Unverified Bots

Both of the cyber-attacks above likely would have been completely blocked without incident if the clients had had Cloudflare’s Advanced Bot Management in place. Both clients now have Cloudflare’s Advanced Bot Management included as part of their hosting services to prevent this type of avoidable outage in the future.
 
The internet is flooded with increasingly sophisticated bot activity, and DDoS protections, hardware firewalls and web application firewalls are no longer enough to completely protect your website. If you are interested in learning more about adding Cloudflare’s Advanced Bot Management service to your hosting solution, whether you host with ZAG or not, please reach out to us for more details. We can typically get a solution in place for your business or organization within a few business days if you're an existing client.


Posted by Marah Boisoneau
Associate Director of Business Development

ZAG Interactive is a full-service digital agency in Glastonbury, CT, offering website design, development, marketing and digital strategy to clients nationwide.