#Bot-Buster™

Tracks nefarious activity on website, and manages accordingly.

The requesting entity:

• declares its user-agent as being wget, curl, webcopier etc - it's probably a bot.
• requests details -> details -> details -> details ad nauseum - it's probably a bot.
• requests the html, but not .css, .js or site furniture - it's probably a bot.
• generates a large number of HTTP error codes > 400 (1.e 401, 403, 404 & 500)- it's probably a bot.
• originates from an unlikely human traffic source (i.e Amazon AWS) - it's probably a bot.
• no user-agent (or matching a pattern of known bad ones) - it's probably a bot.
• no cookie, and wont honor a set cookie - it's probably a bot.
• no referrer, ever - it's probably a bot.

Probable bots will be presented with a captcha type page. Humans can confirm their cognisance, bots will be trapped.

This will work at the top of the stack using the ZTM to "manage" the offender.

One more environment to consider: the corporate network.

likely to find many dozens or hundreds of users with the exact same OS, browser, plugins, fonts etc. IP addresses are likely to be the same if the users are behind a corporate firewall.

##JavaScript Detection:

window._phantom (or window.callPhantom or navigator.onLine=false && navigator.plugins="") //phantomjs
window.__phantomas //PhantomJS-based web perf metrics + monitoring tool 
window.Buffer //nodejs
window.emit //couchjs
window.spawn  //rhino
window.webdriver //selenium
window.domAutomation (or window.domAutomationController) //chromium based automation driver
if (window.outerWidth === 0 && window.outerHeight === 0){ //headless browser }

##Create fingerprint, and store forever:

• https://github.com/samyk/evercookie
• https://github.com/Valve/fingerprintjs

##Set bitmap:

See it in action