Our WAF has a new user interface – for more intuitive and efficient use. Learn more
Home>
Identify and Block AI Bots: Myra Keeps You Protected!
Identify and Block AI Bots: Myra Keeps You Protected!
MYRA NEWS | April 9, 2025
The increasing prevalence of AI technologies not only has positive effects but also poses a new challenge for the protection of web content. AI-based bots and crawlers scan the internet to extract content that is often used without the consent of the site operators to train large language models (LLMs). With the Myra Web Application Firewall (WAF), you can effectively prevent unwanted spying on your website.
The activity of AI bots and crawlers has increased massively in recent years. AI crawlers such as OpenAI's GPTBot or Anthropic's ClaudeBot generate immense amounts of requests that put a significant workload on web servers and incur additional operating costs. According to data from the cloud hosting service Vercel published in December 2024, GPTBot, for example, generated 569 million requests in just one month, while ClaudeBot made 370 million requests. For perspective, this combined volume corresponds to around 20% of the 4.5 billion requests made by the Googlebot for search indexing during the same period.
AI Bots Massively Increase Server Load
Such automated requests increase the server load and bandwidth usage of affected websites significantly and, in the worst case, can even lead to disruptions or outages. For example, in mid-March 2025, the Git hosting service SourceHut reported “disruptions due to aggressive LLM crawlers”. As with a DDoS attack, the servers were temporarily overloaded by the immense number of requests from AI crawlers.
OpenAI and other developers of AI models claim that their crawlers respect the site operators' settings in the robots.txt file, which defines which bots are allowed to search which areas of the domain. However, some AI bots apparently deliberately disregard these restrictions or even fake a different user agent to pretend to be a regular browser.
Block A-Based Bots and Crawlers Using WAF Rules
This is where the Myra WAF comes in, using behavioral analysis and fingerprinting to detect such deception attempts. Myra examines the trustworthiness of fingerprints using self-learning algorithms that analyze hundreds of billions of data points every day. Rate limiting and advanced scoring can be used to restrict or block requests. It is also possible to create specific WAF rules to block AI bots and crawlers.
With the Myra WAF, you can:
Set up customized blocker rules for bots: Administrators can define a wide range of rules that target specific user agent data or other bot characteristics.
Reliably identify bots: In combination with Myra Bot Management, the WAF enables unambiguous detection of bots via fingerprints, ensuring that bots using different IP addresses or user agents can also be blocked.
Maintain granular control: With the WAF, you can block automated requests in a targeted manner and define exceptions, for example for trusted bots such as search engine crawlers.
Manage Collections of WAF Rules with Tags
The Myra WAF offers the option to create and manage entire collections of WAF rules using tags. This function makes it easier for users to apply their security policies efficiently and consistently across multiple domains.
Key benefits of the tag feature:
Centralized management: Users can group multiple WAF rules under a tag, such as “AI bots”, to quickly and easily apply those rules to all their domains.
Flexible customization: Tags allow administrators to make changes to a group of rules that are automatically applied to all associated domains.
Time efficiency: Instead of configuring each domain individually, users can define and maintain global security policies using tags.
Example: A company could create a tag called “AI crawler protection” that contains rules for blocking certain AI crawlers. This tag is then applied to all of the company's domains – a simple and scalable solution for effective protection.
With the Myra Web Application Firewall (WAF), you get a powerful tool to defend against unwanted requests from AI bots and crawlers that consume your server resources and increase your operating costs.
Product Tour
See the Myra WAF in Action
Our product video provides a brief overview of the most important features of the Myra WAF.
The intuitive user interface makes it easy for you to manage granular filter rules to defend against attacks via the HTTP/S protocol.
Quickly and easily create, edit and delete customized WAF rules for your subdomains.
About the author
Björn Greif
Senior Editor
About the author
Björn started his career as an editor at the IT news portal ZDNet in 2006. 10 years and exactly 12,693 articles later, he joined the German start-up Cliqz to campaign for more privacy and data protection on the web. It was then only a small step from data protection to IT security: Björn has been writing about the latest trends and developments in the world of cybersecurity at Myra since 2020.