Configure an Automated Threats Policy to protect your site from known violators, identities, aggregator user agents, known violator data centers, and automated browsers.
Distil maintains a shared access control list (ACL) of prior threats that have already been detected across our network. For example, if we have detected a known violator on another site, your own site is automatically protected from that threat.
Known Violator Data Centers (KVDC)
Distil also maintains a list of data centers that commonly host malicious requests. Blocking any traffic from such data centers on first request, the list includes both common cloud and managed hosting providers (e.g., Rackspace). Distil is continually curating and updating our KVDC list.
Distil verifies the identity of incoming requests. Malicious bots can easily spoof user agents by masquerading as a good bot (e.g., Googlebot). Distil forces two-factor authentication for all good bots, verifying that they’re coming from correct user agents. We then confirm that each request maps to one of the IP addresses within the range of the corresponding bot. If it doesn’t, the request is flagged as a malicious attempt.
Aggregator User Agents
Next, Distil checks a homegrown list of known malicious aggregator user agents. These provide zero value to your site and can also crawl certain parts of it in a harsh manner—potentially impacting performance and reliability. Unless you require complete and open access to such tools as RSS or Atom feeds, Distil recommends blocking these request types.