Categories
Challenge

How Imperva protects against scraping bots

Imperva (that includes the former Distil anti-bot management) is a service providing many kinds of website protections. The present Imperva services include the following ones:

  1. Cloud Web Application Firewall (WAF)
  2. Bot Protection service (formerly Distil Networks)
  3. IP Reputation Intelligence
  4. Content Delivery Network (CDN)
  5. Attack Analytics solution (eg. DDoS)

As to the protection of the bot scraping activities we mention the following.

How is Imperva set? It servers as proxy

Imperva acts as an HTTPS proxy and terminates connections in front of the end users. 
The target site is gets redirected thru Imperva. One have to change DNS record and traffic gets routed through the Imperva network. The entire process is TTL-dependent and usually takes a some hours to be done.

Imperva Bot Management insights

Distil/Imperva Bot Management detects bots based on over 40 variables. The obvious parameters are to be shared in another post. The Bot Management is able to:

  • block bots
  • set CAPTCHAs for bots
  • perform bot rate-limiting

It performs these measures on per-user, per-request basis rather than on a per-IP basis.

We still research as to the Imperva behaviour and we’ll share more in the future posts.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.