Stopping Bots and using WAF

We have been getting more and more bots spiking our CPU usage and slowing down (or crashing) our site. We have tried activating AWS WAF & Shield Core and PHP App rulesets, but it seems when those are all activated it affects functionality in CS-Cart.

Does anyone have feedback on how to use WAF and/or other ways to stop bots from attacking us without screwing up CS-Cart?

Hi,

I don’t have much knowledge of it, but yes, I can help you get rid of this.

Here I managed to list a few suggestions on how to use AWS WAF and Shield to protect your website without affecting the functionality of your CS-Cart application:

So first of all, use IP address blocking to block traffic from specific IP addresses or IP ranges. This feature you can use to block known bots or malicious IPs.

Use rate-limiting to set rate limits on incoming traffic, which can help prevent bots from overwhelming your site. You can set limits based on the number of requests per second or per minute.

Use bot detection, AWS WAF has built-in support for bot detection, which can help you identify and block bots based on their behavior.

Use CloudFront as an additional layer of protection for your website by configuring CloudFront to forward only valid requests to your origin. This will help you to block any invalid requests before they reach your origin.

Use Security Group rules to only allow traffic from specific IP ranges, and block all others.

Use a Content Delivery Network (CDN) service as it can help reduce the load on your server by caching and delivering content from a network of servers around the world.\

Use a Web Application Firewall (WAF): A WAF can help protect your website from a wide range of attacks, including SQL injection, cross-site scripting (XSS), and DDoS attacks.

Use a CAPTCHA service as it can help prevent bots from submitting forms on your website by requiring users to prove that they are human.

It’s important to test your configuration changes in a development environment before rolling them out to a production environment.

It’s also important to keep monitoring your site and the logs to detect any unusual traffic pattern and take action accordingly.

I hope this helps, let me know if you have any other questions.

THANK YOU for this asshishroe. We have implemented some of this already and will pass your suggestions on to our team.