KillBot Web Protector: Stop Bots & Block DDoS L7 Attacks
KillBot Verification page:
- Removes direct and other bot visits from analytics;
- Removes Human-Like bots from search;
- Blocks bot spam WITHOUT CAPTCHA;
- Protects against SMS balance fraud;
- Detects bots in advertising;
- Blocks all bots without JavaScript support, except search engine bots by default.
How KillBot Terminates Bots:
- Block bot visits;
- Overload bot CPU;
- Hides Google Analytics and Yandex Metrica tag from bots;
- Forces bots to solve CAPTCHAs;
KillBot — no black box algorithms:
- Every visit in Google Analitics and Yandex Metrica is labeled as bot or not;
- If a visit is mistakenly marked as a bot, it can be corrected;
- KillBot builds UserID independent of cookies, so users can be blocked and incognito mode won’t help;
Performance:
A KillBot protection instance running on a 2 vCPU / 2GB RAM server successfully mitigates Layer 7 DDoS attacks (as tested using https://ipstresser.su/ Tier-1 attack profile), using only 20% CPU and 1GB RAM. Importantly, all malicious traffic is stopped at the KillBot verification page, never impacting your origin website.
You can work with KillBot via API!
Getting Started Video: https://www.youtube.com/watch?v=GgfhcQbUNd0
All web traffic is routed through KillBot’s verification papge before being proxied to your origin website. This requires updating your DNS A record to point to your KillBot’s IP address. The actual bot detection algorithms run on KillBot’s centralized infrastructure — your server only hosts the lightweight verification page.
When accessing your site, visitors first see KillBot’s verification page (visible as a 1-second blue circle animation). This performs real-time bot detection, allowing three response actions: blocking of malicious bots, bot CPU overload or CAPTCHA challenges for suspicious traffic.
When accessing your site, visitors first encounter KillBot’s verification page (visible as a 1-second blue circle animation). This performs real-time bot detection, allowing three response actions: immediate blocking of confirmed malicious bots, forced CPU overload to disable persistent bot threats, or selective CAPTCHA challenges for suspicious but unverified traffic.
KillBot splits all site traffic into snapshots (not to be confused with fingerprint — KillBot’s browser snapshot is a completely different entity). KillBot’s browser snapshot is specifically a snapshot of the bot generation software, and even if the bot spoofs browser parameters, the snapshot remains the same. Bots will be grouped by their snapshots, and users by theirs. Snapshots can be blocked individually.
You can manage KillBot snapshots through the personal account on the website: https://my.kill-bot.net
After deploying the image from Yandex Cloud, KillBot will come pre-installed. The KillBot verification page communicates with KillBot’s general servers, so an account will be automatically created for you at https://my.kill-bot.net (or you can use an existing one).
To connect your website to the KillBot verification page, use the following command:
sudo kb install -e your_email@example.com -ip YOUR_SERVER_IP -le 1 -d yourdomain.com -t YOUR_TOKEN
Command parameters:
-e: Your email. If no my.kill-bot.net account exists for this email, one will be created automatically and login details will be sent to this address.
-d: The domain to be protected by KillBot.
-ip: IP address of your origin server (specified in -d).
-le: Let’s Encrypt certificate issuance (set -le 0 if behind Cloudflare, otherwise -le 1).
-t: Token from your my.kill-bot.net account (only required if you already have a KillBot account). Get it here: https://my.kill-bot.net/api-key
-www: Primary mirror (-www 1 forces www prefix, default detects automatically based on -d).
For Let’s Encrypt (no existing my.kill-bot.net account):
sudo kb install -e grigoriy.mmelnikov@gmail.com -ip 31.31.198.173 -d g-video.ru
For Cloudflare (FULL SSL) with self-signed certificate:
sudo kb install -e grigoriy.mmelnikov@gmail.com -ip 31.31.198.173 -d g-video.ru -le 0
With existing KillBot account:
sudo kb install -e grigoriy.mmelnikov@gmail.com -ip 31.31.198.173 -d g-video.ru -t 3Fgerwe3Zzn0