KillBot Web Protector: Stop Bots & Block DDoS L7 Attacks

Updated May 27, 2025

KillBot Verification page:

  • Removes direct and other bot visits from analytics;
  • Removes Human-Like bots from search;
  • Blocks bot spam WITHOUT CAPTCHA;
  • Protects against SMS balance fraud;
  • Detects bots in advertising;
  • Blocks all bots without JavaScript support, except search engine bots by default.

How KillBot Terminates Bots:

  • Block bot visits;
  • Overload bot CPU;
  • Hides Google Analytics and Yandex Metrica tag from bots;
  • Forces bots to solve CAPTCHAs;

KillBot — no black box algorithms:

  • Every visit in Google Analitics and Yandex Metrica is labeled as bot or not;
  • If a visit is mistakenly marked as a bot, it can be corrected;
  • KillBot builds UserID independent of cookies, so users can be blocked and incognito mode won’t help;

Performance:
A KillBot protection instance running on a 2 vCPU / 2GB RAM server successfully mitigates Layer 7 DDoS attacks (as tested using https://ipstresser.su/ Tier-1 attack profile), using only 20% CPU and 1GB RAM. Importantly, all malicious traffic is stopped at the KillBot verification page, never impacting your origin website.

You can work with KillBot via API!

Getting Started Video: https://www.youtube.com/watch?v=GgfhcQbUNd0

All web traffic is routed through KillBot’s verification papge before being proxied to your origin website. This requires updating your DNS A record to point to your KillBot’s IP address. The actual bot detection algorithms run on KillBot’s centralized infrastructure — your server only hosts the lightweight verification page.

When accessing your site, visitors first see KillBot’s verification page (visible as a 1-second blue circle animation). This performs real-time bot detection, allowing three response actions: blocking of malicious bots, bot CPU overload or CAPTCHA challenges for suspicious traffic.

When accessing your site, visitors first encounter KillBot’s verification page (visible as a 1-second blue circle animation). This performs real-time bot detection, allowing three response actions: immediate blocking of confirmed malicious bots, forced CPU overload to disable persistent bot threats, or selective CAPTCHA challenges for suspicious but unverified traffic.

KillBot splits all site traffic into snapshots (not to be confused with fingerprint — KillBot’s browser snapshot is a completely different entity). KillBot’s browser snapshot is specifically a snapshot of the bot generation software, and even if the bot spoofs browser parameters, the snapshot remains the same. Bots will be grouped by their snapshots, and users by theirs. Snapshots can be blocked individually.

You can manage KillBot snapshots through the personal account on the website: https://my.kill-bot.net

Deployment instructions

After deploying the image from Yandex Cloud, KillBot will come pre-installed. The KillBot verification page communicates with KillBot’s general servers, so an account will be automatically created for you at https://my.kill-bot.net (or you can use an existing one).

To connect your website to the KillBot verification page, use the following command:

sudo kb install -e your_email@example.com -ip YOUR_SERVER_IP -le 1 -d yourdomain.com -t YOUR_TOKEN

Command parameters:
-e: Your email. If no my.kill-bot.net account exists for this email, one will be created automatically and login details will be sent to this address.
-d: The domain to be protected by KillBot.
-ip: IP address of your origin server (specified in -d).
-le: Let’s Encrypt certificate issuance (set -le 0 if behind Cloudflare, otherwise -le 1).
-t: Token from your my.kill-bot.net account (only required if you already have a KillBot account). Get it here: https://my.kill-bot.net/api-key
-www: Primary mirror (-www 1 forces www prefix, default detects automatically based on -d).

Billing type
Free
Type
Virtual Machine
Category
Security
Publisher
KillBot
Use cases

For Let’s Encrypt (no existing my.kill-bot.net account):
sudo kb install -e grigoriy.mmelnikov@gmail.com -ip 31.31.198.173 -d g-video.ru

For Cloudflare (FULL SSL) with self-signed certificate:
sudo kb install -e grigoriy.mmelnikov@gmail.com -ip 31.31.198.173 -d g-video.ru -le 0

With existing KillBot account:
sudo kb install -e grigoriy.mmelnikov@gmail.com -ip 31.31.198.173 -d g-video.ru -t 3Fgerwe3Zzn0

Technical support

Any questions? We reply fast on Telegram: https://t.me/grigoriy_melnikov

Product IDs
image_id:
fd8emb1m0vif1nh2sb7l
family_id:
killbot-killbot
Product composition
SoftwareVersion
Ubuntu22.04
Apache2.4.52
php8.1
Terms
By using this product you agree to the Yandex Cloud Marketplace Terms of Service and the terms and conditions of the following software: Ubuntu
Billing type
Free
Type
Virtual Machine
Category
Security
Publisher
KillBot