AWS WAF Bot Control gives you visibility and control over common and pervasive bot traffic that can consume excess resources, skew metrics, cause downtime, or perform other undesired activities. With just a few clicks, you can use the Bot Control managed rule group to block or rate-limit pervasive bots, such as scrapers, scanners, and crawlers, or you can allow common bots, such as status monitors and search engines. The Bot Control managed rule group can be used alongside other Managed Rules for WAF or with your own custom WAF rules to protect your applications.

Bot Control enables you to monitor bot traffic activity with dashboards that provide detailed, real-time visibility into bot categories, identities, and other bot traffic details. You can use AWS Firewall Manager to deploy Bot Control for your web applications across multiple accounts in your AWS Organization.

Benefits

Gives you visibility into bot traffic activities

All AWS WAF customers get pre-built dashboards showing which of your applications have high levels of bot activity based on sampled data. For customers who enable Bot Control, you will get real-time, detailed, and request-level visibility into bot activities.

Reduces operational and infrastructure costs

Bot Control helps you reduce costs associated with scraper, scanner, and crawler web traffic. Bot Control blocks unwanted bot traffic at the edge before it can increase your application processing costs or impact application performance. Bot Control offers a free usage tier for common use cases.

Deploys easily

Bot Control is enabled by adding an AWS managed rule group to a Web Access Control List, making it easy to add bot protection for your applications that use Amazon CloudFront, Application Load Balancer, Amazon API Gateway, or AWS AppSync. There is no additional infrastructure, DNS changes, or TLS certificate management needed.

Saves time with managed bot protections

Bot Control is a managed rule group maintained and continuously improved upon by AWS. Bot Control removes the undifferentiated heavy lifting and unnecessary complexity of monitoring and protecting your applications against the constantly evolving bot landscape.

Provides flexible and customizable bot protection

Bot Control can be turned on with no additional configuration for most use cases, but it is also highly customizable to meet your specific requirements. You can specify which requests Bot Control evaluates, different actions for different categories of bots, or combine Bot Control results with WAF custom rules to allow or block specific bots.

How it works

Bot Control Diagram

Use cases

Block unwanted bot traffic at the network edge

Bot Control can block unwanted bot traffic at the network edge when you use AWS WAF with Amazon CloudFront. Bot Control helps you minimize the impact of bots on your application's performance and can reduce operational and infrastructure costs associated with traffic from scrapers, scanners, and crawlers. Bot Control also increases the accuracy of your web analytics by removing bot traffic that can skew website and conversion metrics.

Protect intellectual property

Some bots, such as scrapers and crawlers, comb through your web site to index your web pages, download your content, or use your APIs in undesirable ways to gain access to your data. Bot Control categorizes the most common bots so you can block individual bots or an entire bot category like SEO crawlers, scrapers, or site monitoring tools. By default, Bot Control does not block common bots like search engine web crawlers.

Deliver alternate content in response to bot traffic

Using Bot Control and other WAF features like custom responses and request header injection, you can create custom application workflows for bot traffic. For example, you may allow bots that are copying or “scraping” pricing data since they may drive traffic to your site, but you may block excessive requests from bots that can overwhelm your real-time pricing database. With AWS WAF, you can route bot traffic to an alternate endpoint where pricing data is cached and while routing user traffic to pages that provide real-time pricing data.

Learn how to get started with AWS WAF

Visit the getting started page
Ready to build?
Get started with AWS WAF
Have more questions?
Contact us