AWS WAF Bot Control

Bot Control helps you reduce costs associated with scraper, scanner, and crawler web traffic. Bot Control blocks unwanted bot traffic at the edge before it can increase your application processing costs or impact application performance. Bot Control offers a free usage tier for common use cases.

Bot Control can be turned on with no additional configuration for most use cases, but it is also highly customizable to meet your specific requirements. You can specify which requests Bot Control evaluates, different actions for different categories of bots, or combine Bot Control results with WAF custom rules to allow or block specific bots.

Bot Control can block unwanted bot traffic at the network edge when you use AWS WAF with Amazon CloudFront. Bot Control helps you minimize the impact of bots on your application's performance and can reduce operational and infrastructure costs. Bot Control also increases the accuracy of your web analytics by removing bot traffic that can skew website and conversion metrics.

Common bots can be detected with traditional bot detection techniques such as analyzing static request data. AWS Bot Control for Targeted Bots uses advanced detection techniques like behavior-based detections to detect bots that try to evade detection. AWS Bot Control for Targeted Bots helps improve the user experience on your retail websites while reducing chargebacks from fraudulent transactions and infrastructure costs.

Using Bot Control and other WAF features like custom responses and request header injection, you can create custom application workflows for bot traffic. For example, you may allow bots that are copying or “scraping” pricing data since they may drive traffic to your site, but you may block excessive requests from bots that can overwhelm your real-time pricing database. With AWS WAF, you can route bot traffic to an alternate endpoint where pricing data is cached and while routing user traffic to pages that provide real-time pricing data.