Dobrymechanik.pl is the largest website with an active database of car repair shops and their customers’ opinions, covering whole Poland. The website enables users to select a proven car mechanic, book online the repair timeslot, and publish an opinion after completion of the services.
With such functionality scope and reach, it is essential that the website meet the users’ expectations and be effectively protected against cyberattacks.
The protection mechanisms working at the application level have a huge potential. According to the Incapsula BOT Traffic Report 2016, only 48.2 percent of the website traffic is generated by genuine users and the rest is generated by various network tools.
Only 22.9 percent of the traffic is generated by so-called good bots which scan the pages in order to get them indexed by popular searching engines, such as Google, Bing, Yahoo, or Safari. The remaining 28.9 percent is traffic attempting to cause specific damage, such as:
- paralyzing the service
- identity theft
- accessing sensitive data
- stealing the website content and other resources
- collecting e-mail addresses (to resell them to spammers)
- artificially pushing up the number of views and clicks, resulting in significant financial losses to the advertisers.
Problems with content theft
Before deployment of the Grey Wizard Shield protection, the dobrymechanik.pl website had problems with malicious bots stealing the content and saturating the Internet link by generating excessive traffic. Also, there were intrusion attempts, posing a big threat to the unique content of the website. “Those problems typically resulted in slowing down the service for the website users,” says Krzysztof Chudzik, one of the platform founders. “The Grey Wizard protection enabled us to immediately secure our resources and control the undesirable traffic. Attacks are effectively blocked both at the application and at the network level,” adds Krzysztof Chudzik.
WAF — effective content protection
WAF (Web Application Firewall) is a protection mechanism working at the application level, based on static rules and reputation-check mechanisms. It enables the applications to be monitored for anomalies and abnormal user behaviors. Thanks to that, it is possible to effectively block both attempts to scan the whole website to steal its content and attempts to artificially push up the sub-page views statistics.
Grey Wizard Shield is designed to detect typical bots, both good (which are not blocked) and those scanning the pages and copying their contents (e.g. Scrapy, Nutch, Surveybot). So-called bad bots are eliminated on the basis of static rules defined by the Grey Wizard experts for the purposes of the given protected website. Importantly, the rules are developed in a selective manner to minimize false positives.
Real time analysis and monitoring
The Grey Wizard service protects webpages using collective knowledge of DDoS threats, including information about new and growing attack methods. From the moment of activation of the Shield, its intelligent machine-learning mechanisms identify on a continuous basis any undesirable traffic, learning about new threats and storing information about newly detected incidents into the knowledge base.
Thanks to the real-time analysis, the user can monitor the key data related to the webpage, monitor the current traffic statistics and detected threats, and analyze the incident details.
Activation of the protection
Activation of Grey Wizard Shield is fast and simple. “It took us fifteen minutes or so to complete the service installation and configuration”, says Krzysztof Chudzik. “No additional hardware and no changes to the application itself were necessary. The only thing we had to do was to enter the IP addresses provided by Grey Wizard in the DNS setting. Within minutes from the protection activation, we were able to view the first webpage statistics,” he concludes. .
“Deployment of the Grey Wizard Shield enables us to remain calm despite the increasing wave of cyberattacks. The service is active at all times, effectively protecting our website both against already known attacks and, more importantly, against new potential threats,” says Krzysztof Chudzik. “The Grey Wizard experts remain at our disposal all the time. We trust them fully. They share their knowledge with us and we readily take advantage of it by duly implementing all their recommendations,” he concludes.