Bunny Shield is an advanced security platform that integrates seamlessly with your web applications and APIs. It offers a suite of features aimed at safeguarding your digital assets from a wide array of threats. With its intelligent Web Application Firewall (WAF), Global Rate Limiting and DDoS Mitigation capabilities, Bunny Shield provides a multi-layered defense mechanism to keep your applications secure.

Web Application Firewall (WAF)

The Web Application Firewall (WAF) is the cornerstone of Bunny Shield's security offerings. It provides advanced protection by meticulously inspecting incoming HTTP requests and filtering out malicious traffic. The WAF is engineered to detect and block common attack vectors, including SQL injection, cross-site scripting (XSS), and other vulnerabilities highlighted in the OWASP Top 10 list.

Key Capabilities

  • Custom Rule Definitions – Tailor security to your exact needs by creating custom rules. Filter traffic based on IP addresses, request headers, URL paths, and more, giving you granular control over who or what can access your application.
  • Preconfigured Rulesets – Easily deploy robust defenses with out-of-the-box rulesets created by security experts. These pre-built configurations address common web application attacks, reducing setup time and complexity.
  • Real-Time Traffic Monitoring – Gain valuable insights into your application’s traffic patterns through real-time monitoring. Quickly identify potential threats, see which requests are allowed or blocked, and refine your defense strategy on the fly.

Global Rate Limiting

The Global Rate Limiting feature adds an extra layer of protection against abusive traffic patterns. It is designed to prevent your application from being overwhelmed by excessive requests, which can indicate brute-force attacks, Distributed Denial of Service (DDoS) attempts, or API misuse.

Key Capabilities

  • Threshold-Based Limiting – Define thresholds for the number of requests within a specified time frame (e.g., 100 requests per 10 seconds). This helps prevent your application from being overwhelmed by excessive or suspicious activity.
  • Granular Endpoint Control – Apply rate limits to specific endpoints—like /login or /api/*—for precise protection. This ensures that critical parts of your application receive the security they need without hindering the overall user experience.
  • Custom Responses – Decide how Bunny Shield responds when rate limits are exceeded. Options include logging events for monitoring, blocking the offending IP or user, or presenting a challenge to verify legitimate activity. With this flexibility, you can balance the need for security with user accessibility.
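The three capabilities above combine into one decision per request. The following is an added sketch, not Bunny Shield's code or API: a sliding-window limiter with per-endpoint thresholds and a configurable response, where the rule table, class name and action strings are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from fnmatch import fnmatchcase

# Constructed policy: (path pattern, max requests, window seconds, response when exceeded).
# The first matching rule wins. Responses mirror the options above: log, block, challenge.
RULES = [
    ("/login", 5, 60.0, "challenge"),
    ("/api/*", 100, 10.0, "block"),   # the "100 requests per 10 seconds" example
    ("*", 1000, 10.0, "log"),
]

class SlidingWindowLimiter:
    def __init__(self, rules):
        self.rules = rules
        # (rule index, client) -> timestamps of accepted requests still inside the window.
        # A production limiter would also evict idle keys to bound memory.
        self.hits = defaultdict(deque)

    def check(self, client, path, now):
        """Return "allow", or the matching rule's response once its threshold is reached.

        `path` is the URL path without the query string; `now` is a time in seconds.
        """
        for idx, (pattern, limit, window, action) in enumerate(self.rules):
            if not fnmatchcase(path, pattern):
                continue
            q = self.hits[(idx, client)]
            # Drop timestamps that have aged out of the window.
            while q and now - q[0] >= window:
                q.popleft()
            if len(q) >= limit:
                # Over threshold: the caller logs, blocks or challenges as configured.
                return action
            q.append(now)
            return "allow"
        return "allow"
```

Because each rule keeps its own counter per client, a burst against /api/* does not consume the stricter /login budget, and one client exceeding a limit leaves other clients unaffected.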

DDoS Mitigation

The DDoS Mitigation feature adds a further layer of protection against HTTP-level DDoS floods. It is designed to prevent your application from being overwhelmed by excessive requests. It maintains stateful validation of all incoming requests to your website, which reduces false positives while preserving a very high degree of filtering capability.

Key Capabilities

  • Stateful Request Validation – By tracking and assessing each incoming request, Bunny Shield minimizes false positives and consistently filters suspicious traffic, ensuring legitimate users can continue interacting with your application uninterrupted.
  • Lightweight Browser-Based Challenges – For more advanced security scenarios, Bunny Shield offers an optional JavaScript Proof of Work (PoW) challenge. Users can prove they are legitimate by completing a lightweight check, deterring automated attacks without putting a burden on genuine site visitors. You can enable this challenge in an “Always On” mode for extreme sensitivity or configure it through custom WAF rules for specific endpoints or HTTP headers.

Through these comprehensive DDoS mitigation measures, Bunny Shield strikes a powerful balance between high-level security and seamless user experiences.
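To show why a proof-of-work challenge is expensive for a flood of automated clients yet cheap for the server to check, here is an added hashcash-style sketch. It is a generic scheme, not Bunny Shield's algorithm; the difficulty, TTL, payload layout and function names are assumptions, and `solve` stands in for the loop a browser script would run.

```python
import hashlib, hmac, os, time

SERVER_KEY = os.urandom(32)   # per-deployment secret, generated here for the example
DIFFICULTY_BITS = 12          # assumed; about 4096 hashes on average to solve
TTL_SECONDS = 30              # assumed challenge lifetime

def issue_challenge(client_ip, now=None):
    """Server: issue a nonce bound to the client and an expiry, authenticated with an HMAC."""
    expires = int((now if now is not None else time.time()) + TTL_SECONDS)
    payload = f"{client_ip}|{os.urandom(8).hex()}|{expires}"
    tag = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return payload, tag

def leading_zero_bits(digest):
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def solve(payload, bits=DIFFICULTY_BITS):
    """Client: brute-force a counter until the hash has enough leading zero bits."""
    counter = 0
    while True:
        digest = hashlib.sha256(f"{payload}|{counter}".encode()).digest()
        if leading_zero_bits(digest) >= bits:
            return counter
        counter += 1

def verify(payload, tag, counter, client_ip, now=None, bits=DIFFICULTY_BITS):
    """Server: one HMAC and one hash, however long the client spent solving."""
    expected = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return False  # challenge was not issued by this server, or was altered
    ip, _nonce, expires = payload.split("|")
    if ip != client_ip or (now if now is not None else time.time()) > int(expires):
        return False  # solution presented by another client, or after expiry
    digest = hashlib.sha256(f"{payload}|{counter}".encode()).digest()
    return leading_zero_bits(digest) >= bits
```

Each extra difficulty bit doubles the client's expected work while verification cost stays constant; a deployment would also record solved nonces until they expire so one solution cannot be reused.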

Integration and API

Bunny Shield offers robust APIs to help developers integrate security features programmatically into their applications. Whether you're looking to configure WAF rules, set up rate limiting, or monitor traffic in real time, the Bunny Shield API provides flexible endpoints to manage your security infrastructure.

Note: You can find our OpenAPI Documentation here.

Best Practices

To get the most out of Bunny Shield, follow these best practices for optimizing security and performance:

  • Start with Baseline Protection: Enable default rulesets for WAF and DDoS protection and adjust based on your traffic patterns.
  • Monitor Logs Regularly: Continuously monitor traffic logs to identify and fine-tune security rules.
  • Combine Multiple Layers: Use WAF and Rate Limiting together to create a multi-layered security approach.
  • Leverage APIs: Integrate Bunny Shield APIs to automate security rule creation and monitor threats in real time.
