BotGuard Ingress Controller

Deploy in 60 seconds

About

BotGuard is the state of the art cloud-based website protection. Our Ingress Controller allows you to block bots, hackers and spam. Selectively block bad bot traffic in real time and grant unrestricted access for human users, search engines or affiliate automation tools to your website with this reverse proxy server.

Batteries Included

Bots are at our core, but we offer much more: manage your inbound web traffic, protect your website from DDoS attacks and scale up your website without interruptions.

Horizontally Scaling With Ease

Easy horizontal scaling

Distribute network traffic across a number of web servers and increase both processing speeds and server capacity effectiveness. Load balancing incoming traffic is crucial to mitigate traffic spikes that occur during atypical activity, like a DDoS attack.

Multiple web servers

By using multiple web server instances, you can prevent any single server from overloading. If a single server fails completely, the other servers can step up and handle the traffic. These servers can be installed in different geographical locations and the persistent session feature will redirect the visitor to the right website instance.

Multiple reverse proxies

By using the DNS round robin feature, you’ll be able to deploy multiple BotGuard Ingress Controller instances and assign multiple IP addresses to the same website. These instances are best when used together and will keep all settings in sync within the cluster.

Complete Website Protection

The Ingress Controller supports all of BotGuard’s protection services, such as the Web Application Firewall (WAF) and Vulnerability Scans Protection, and helps you mitigate DDoS attacks.

Hide Your Infrastructure

With the Ingress Controller in place, the website doesn’t need to reveal its origin server’s real IP address, making it harder for attackers to leverage targeted attacks against them. Attackers will only be able to target the Ingress Controller instance, which has tighter security and additional resources to fend off attacks. When using multiple instances of the Ingress Controller, some of the instances may be hidden from attackers and left for legitimate visitors to use.

DDoS Attack Protection

As it allows you to limit the number of concurrent connections and the request rate on a per-client basis, BotGuard’s Ingress Controller helps to prevent website abuse and targeted web server overload. In more complex cases, where a cluster is used, the attacker addresses are propagated throughout the cluster and filtered at the network stack of the operating system.

Static and Dynamic Content Caching

Caching saves the resources needed to serve content that rarely changes. Placing the caching servers closer to the users decreases hop count, latency and server response time to create a better experience.

Static Content Caching

Botguard’s Ingress Controller downloads the static assets - like documents, javascript files, stylesheets, images or videos - from your web server only once, stores them locally and delivers that copy. This caching diminishes your web server’s network traffic and offers a more pleasant user experience. The built-in HTTP/2 push feature prioritizes the delivery of vital website resources and reduces page rendering time.

Dynamic Content Caching

Generally, caching dynamic content is not recommended. However, caching for only 1 minute helps to mitigate traffic spikes that occur during atypical activities, be it a DDoS attack or a viral marketing event.

Complete SSL Support and Management

SSL operations are CPU intensive and can put a strain on server resources. In order to balance the demands of traffic encryption, SSL offloading moves that process to the Ingress Controller, freeing up the web server to handle other application delivery demands.

Modern Protocols and Algorithms

BotGuard’s Ingress Controller supports both TLS 1.3 cryptographic protocol and HTTP/3 (QUIC) protocol. In the first case, it speeds up encrypted connections even more with TLS false start and Zero Round Trip Time (0-RTT). HTTP/3 has better transmission speed, shorter loading times and a stabler connection for mobile users.

Certificates Management

The Ingress Controller issues and renews all certificates automatically. Free certificate providers, like Let’s Encrypt and Buy Pass are supported.

Security Features

All necessary security settings are included by default. Websites protected by the BotGuard Ingress Controller receive an A+ rating from Qualys SSL Labs.

Configuration

The configuration of BotGuard Ingress Controller is simple, fast and straightforward. Everything is taken care of via browser. As a prerequisite, we’ll need an API key, which can be found at your BotGuard dashboard. Type the IP address of the deployed application in your browser address bar and hit enter: http://your.instance.ip.address. The web application will ask you to enter your BotGuard API key or register a new BotGuard account to get one. The API key would be used as a password for further Ingress Controller management. After entering a valid API key, the page will refresh and prompt you to enter the username and password. Please use botguard” as the username and your API key as the password.

Domain setup

  1. Select Domains in the top menu
  2. Click Add domain button
  3. Enter your web application domain name and add the subdomains, if they exist.
  4. Define your application servers IP addresses in the Upstreams section. BotGuard Ingress Controller will try to guess your upstream addresses based on the domain DNS records
  5. Select the preferred SSL certificate provider or upload your own certificate.
  6. Select additional caching and security settings and save the changes. Don’t forget to enable BotGuard bot protection!
  7. Point your domain domain A/AAAA records to the BotGuard Ingress Controller instance IP address

Support Information

Support Contact

Website
https://botguard.net
Email
support@botguard.net
Support URL
https://botguard.net/en/support

Maintainer Contact

Website
https://botguard.net

Report Application

Report an application with malicious intent or harmful content.

Thank you for your report!

Our Team has received your report and will respond accordingly as possible.