Bot Detector — VistoShield

Key Features

🔎

143+ Bot Signatures

Comprehensive signature database covering scrapers, AI training crawlers, vulnerability scanners, SEO tools, headless browsers, and spam bots. Updated regularly.

📈

Behavioral Scoring

Each visitor gets a 0-100 suspicion score calculated from request headers, rate patterns, 404 frequency, missing assets, and request sequencing.

🔌

rDNS Verification

Confirms that Googlebot, Bingbot, and other legitimate crawlers are genuine by performing reverse DNS lookups and forward verification against known netblocks.

⚙

Cloudflare-Style Controls

Inline action controls per bot signature: Block, Challenge, Allow, or Monitor. Manage every signature from a single table view with bulk actions.

⚡

JS Challenge

Lightweight JavaScript challenge page for suspicious traffic. Legitimate browsers solve it automatically in under a second; headless bots and simple scripts fail.

🌎

Good Bot Management

Separate controls for search engine crawlers, social media bots, uptime monitors, and feed readers. Allow good bots while blocking the rest.

How Bot Detection Works

The Bot Detector uses a layered approach: first matching the User-Agent against known signatures, then running behavioral analysis, and finally performing rDNS verification for bots that claim to be from known search engines.

Behavioral Scoring Signals

The scoring engine evaluates multiple signals to determine how suspicious a visitor is:

Request rate — high request frequency without human-like gaps
404 patterns — repeated probing for common vulnerability paths
Missing assets — real browsers load CSS, JS, and images; bots often don't
Header analysis — missing or inconsistent Accept, Accept-Language, Accept-Encoding headers
Request sequencing — jumping directly to deep URLs without visiting the homepage
Cookie handling — inability to store and return cookies across requests
TLS fingerprint — mismatches between claimed browser and actual TLS handshake characteristics

Signature Format

Each signature includes:

Name — human-readable identifier (e.g., "AhrefsBot", "GPTBot")
Pattern — regex matched against User-Agent string
Category — scraper, AI crawler, vulnerability scanner, SEO tool, etc.
Default action — the recommended action (block, challenge, allow, monitor)
Description — what the bot does and who operates it

You can override the default action for any signature, and your custom actions persist across signature updates.

rDNS Verification

When a visitor claims to be Googlebot, Bingbot, or another known crawler, the Bot Detector performs a two-step verification process. First, it does a reverse DNS lookup on the visitor's IP address to get the hostname. Then it performs a forward DNS lookup on that hostname to confirm it resolves back to the same IP.

For Google, the hostname must end in .googlebot.com or .google.com. For Bing, it must end in .search.msn.com. Visitors that fail verification are flagged as impersonators and can be automatically blocked or challenged.

Screenshots

Dashboard — real-time bot detection statistics and traffic chart

Bot signatures list with inline Block/Challenge/Allow/Monitor controls

Bot signature filters by category and action type

Behavioral scoring settings and threshold configuration

rDNS verification and good bot allowance settings

IP allowlist management

VistoShield Server integration settings

Feature	Free	Pro Bundle
Bot Signatures	143	500+ premium (daily updates)
Behavioral Analysis	Basic	Advanced scoring
Event History	7 days	Up to 10 years
Support	Community	Priority 24h
Updates	Standard	Priority + Early Access

🤖 Bot Detector

Key Features

143+ Bot Signatures

Behavioral Scoring

rDNS Verification

Cloudflare-Style Controls

JS Challenge

Good Bot Management

How Bot Detection Works

Behavioral Scoring Signals

Signature Format

rDNS Verification

Screenshots

Free vs Pro

Ready to Control Bot Traffic?