Filter out malicious traffic with the BotGuard Ingress Controller

Let's Go

To continue, please provide your BotGuard API key. The key is available at your BotGuard dashboard. The key will also be used as a password to access the web management interface.

* You may need to create account at BotGuard, if not have one yet.

BotGuard Ingress Controller is a reverse proxy server which enables you to selectively block bad bot traffic in real time, while granting unrestricted access to a web site for human users, search engines, and affiliate automation tools.

It allows you to manage your inbound web traffic, protect your website from DDoS attacks, and scale up your website without interruption.

How it works?

The BotGuard Ingress Controller receives the inbound traffic, cleans it up, and forwards clean traffic to your web server

Batteries Included

In addition to blocking malicious bots and hackers, you get a number of other options when using BotGuard Ingress Controller:

Load Balancing Website Protection Content Caching SSL Management

Complete SSL Support and Management

The SSL operations are CPU intensive and can put a strain on server resources. In order to balance the compute demands of SSL encryption of traffic, SSL offloading moves that processing to a dedicated server — the BotGuard Ingress Controller instance. This frees the web server to handle other application delivery demands.

Modern Protocols and Algorithms

The BotGuard Ingress Controller supports modern TLS 1.3 cryptographic protocol. It helps speed up encrypted connections even more with features such as TLS false start and Zero Round Trip Time (0-RTT).

The BotGuard Ingress Controller supports recent HTTP/3 (aka QUIC) protocol. The advantages of HTTP/3 are better transmission speed, shorter loading times, and a more stable connection for mobile users.

Certificates Management

The BotGuard Ingress Controller issues and automatically renews all certificates. Let's Encrypt, Zero SSL, and BuyPass free certificate providers are supported.

Security Features

All necessary security settings are included by default. Websites protected by the BotGuard Ingress Controller receive an A+ rating from Qualys SSL Labs.

Load Balancing gateio Content Caching SSL Management

Complete Website Protection

The Ingress Controller supports all BotGuard protection services, such as a Web Application Firewall and vulnerability scans protection. In addition, it helps you to mitigate DDoS attacks.

Hide Your Infrastructure

With a BotGuard Ingress Controller in place, a web site never needs to reveal the real IP address of their origin server. This makes it much harder for attackers to leverage a targeted attack against them, such as a DDoS attack. Instead the attackers will only be able to target the Ingress Controller instance, which will have tighter security and more resources to fend off an attack. By using multiple instances of Ingress Controller, you can hide some of them from attackers, leaving them for use by legitimate visitors.

DDoS Attack Protection

The BotGuard Ingress Controller allows you to limit the number of concurrent connections and limit the request rate on a per-client basis. In most cases, this helps prevent abuse of the site and target web server overload.

In more complex cases, a cluster of Ingress Controllers is used, where the attacker addresses are propagated throughout the cluster and is filtered at the network stack of the underlying operating system.

Load Balancing Website Protection Content Caching SSL Management

Static and Dynamic Content Caching

Caching saves the resources needed to serve content that changes infrequently. Placing caching servers closer to users reduces hop count, latency, and server response time.

Static Content Caching

The BotGuard Ingress Controller downloads the static assets from your web server only once, then it store the content locally and deliver the locally stored copy. It includes documents, javascript files, stylesheets, images, and videos.

This caching reduces your web server's network traffic and improves the end user experience. The built-in HTTP/2 Push feature helps prioritize the delivery of vital website resources while reducing page render time.

Dynamic Content Caching

In general, caching dynamic content is not recommended, but caching for only 1 minute helps mitigate traffic spikes that occur during atypical activities such as a DDoS attack or viral marketing event.

Load Balancing Website Protection Content Caching SSL Management

Horizontally Scaling With Ease

The purpose of a load balancing is to distribute network traffic across a number of web servers. By efficiently using available resources, load balancing is able to increase processing speeds and effectively utilize server capacity. Properly load balancing incoming traffic is a key component in mitigating spikes in traffic that occur during atypical activity such as a DDoS attack.

Multiple web servers

Using multiple web server instances, you can prevent any single server from becoming overloaded. In the event that a server fails completely, other servers can step up to handle the traffic. Yes, they can be installed in geographically different locations. The persitent sessions feature will redirect the visitor to the right website instance.

Multiple reverse proxies

Using the DNS round robin feature, you can deploy multiple BotGuard Ingress Controller instances and assign multiple IP addresses to the same website. The BotGuard Ingress Controller instances will keep all settings in sync in the cluster.

Best when used together.