6 Layers of Protection
Here at Imunify, we're always monitoring web data at scale - and we've noticed a clear trend: legitimate AI bots, like those from Meta, Apple, OpenAI, and other reputable organizations, are increasingly behaving aggressively, excessively consuming server resources, and often ignoring instructions in files like robot.txt.
These sorts of issues caused by AI-powered bots can severely impact both website performance and resource efficiency.
To assist hosting providers and website owners in effectively managing these aggressive bots, we’ve created specialized ModSecurity rule sets designed to precisely and effectively block significant AI bot traffic for some of the most popular AI modules.
ModSecurity Rules for Blocking AI Bots
You can find instructions on how to add those rules here.
Amazon
SecRule REQUEST_HEADERS:User-Agent "@rx Amazonbot" "id:88345386,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Amazon AI bot',tag:'service_im360'"
Anthropic
SecRule REQUEST_HEADERS:User-Agent "@rx anthropic-ai" "id:88345387,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Anthropic AI bot',tag:'service_im360'"
Applebot
SecRule REQUEST_HEADERS:User-Agent "@rx Applebot" "id:88345388,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Applebot AI bot',tag:'service_im360'"
ChatGPT
SecRule REQUEST_HEADERS:User-Agent "@rx ChatGPT-User" "id:88345389,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for ChatGPT AI bot',tag:'service_im360'"
Claude
SecRule REQUEST_HEADERS:User-Agent "@rx ClaudeBot" "id:88345390,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Claude AI bots',tag:'service_im360'"
DuckDuckGo
SecRule REQUEST_HEADERS:User-Agent "@rx DuckAssistbot" "id:88345391,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for DuckDuckGo AI bot',tag:'service_im360'"
FactSet
SecRule REQUEST_HEADERS:User-Agent "@rx Factset_spyderbot" "id:88345392,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for FactSet AI bot',tag:'service_im360'"
Vertex
SecRule REQUEST_HEADERS:User-Agent "@rx Google-CloudVertexBot" "id:88345393,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Vertex AI bot',tag:'service_im360'"
SecRule REQUEST_HEADERS:User-Agent "@rx GoogleOther/" "id:88345394,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Google AI bot',tag:'service_im360'"
GPTBot
SecRule REQUEST_HEADERS:User-Agent "@rx GPTBot" "id:88345395,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for GPTBot AI bot',tag:'service_im360'"
ICC-Crawler
SecRule REQUEST_HEADERS:User-Agent "@rx ICCCrawler" "id:88345396,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for ICC-Crawler AI bot',tag:'service_im360'"
Meta
SecRule REQUEST_HEADERS:User-Agent "@rx Meta-ExternalAgent" "id:88345397,phase:1,pass,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Meta AI bot',tag:'service_im360'"
OpenAI search
SecRule REQUEST_HEADERS:User-Agent "@rx OAI-SearchBot" "id:88345398,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for OpenAI AI search bot',tag:'service_im360'"
Perplexity
SecRule REQUEST_HEADERS:User-Agent "@rx Perplexity‑User" "id:88345399,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Perplexity AI bot',tag:'service_im360'"
Perplexity
SecRule REQUEST_HEADERS:User-Agent "@rx PerplexityBot" "id:88345400,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Perplexity AI bot',tag:'service_im360'"
Petal
SecRule REQUEST_HEADERS:User-Agent "@rx PetalBot" "id:88345401,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Petal AI bot',tag:'service_im360'"
Qualified
SecRule REQUEST_HEADERS:User-Agent "@rx QualifiedBot" "id:88345402,phase:1,block,nolog,auditlog,severity:5,t:none,msg:'IM360 WAF: Request rate tracking for Qualified AI bot',tag:'service_im360'"
.png?width=115&height=115&name=pci-dss%20(1).png "pci-dss")
