ReviewsPricingContactsFAQ

Developers 
& API docs

Red Keyboard

Passive Bot Detection

HotWall continuously monitors incoming traffic without actively challenging users.
By analyzing subtle behavioral signals—such as browsing patterns, mouse movements, and HTTP header anomalies—our passive bot detection engine accurately distinguishes legitimate visitors from automated threats.
This approach ensures zero friction for real users while maintaining rock-solid defense against credential stuffing, scraping and inventory hoarding bots.

Request Analytics

Every HTTP request is tracked, logged and enriched with contextual metadata.
Our analytics dashboard gives you full visibility into request origins, response times, geo-distribution and error rates.
Instant drill-downs let you spot spikes, correlate them with attack signatures, and fine-tune your security rules in real time.

SQLi Protection

HotWall’s WAF layer includes a comprehensive library of SQL injection signatures and heuristics.
Incoming payloads are sanitized on the fly, preventing malicious SQL fragments from ever reaching your database.
Custom rules let you adapt to novel attack vectors, while automated learning refines detection accuracy over time.

Adaptive Mode

When under siege, our sensor mode kicks in—deploying lightweight JavaScript challenges and network probes that adapt to attacker behavior.
Legitimate users sail through uninterrupted, while advanced bots are gradually fingerprinted and blocked.
This dynamic mode learns on the fly, so the longer an attack persists, the smarter your defense becomes.

Rate Limiting

Throttle abusive clients at the network edge with per-IP and per-user rate limits.
Define bursts, sustained thresholds and penalty periods to stop brute-force attacks dead in their tracks.
Flexible policies allow different limits for APIs, login endpoints and static assets.

WAF

Our patented WAF inspects Layer-7 traffic in real time, blocking OWASP Top 10 threats, zero-day exploits and custom attack patterns.
Write your own rules in a simple JSON syntax or choose from pre-built templates for common frameworks.
Auto-learning mode senses new anomalies and suggests protective rules before you even notice the issue.

Custom Lists

Fine-tune access with your own allowlists and blocklists.
Whitelist entire IP subnets, user agents or geographic regions to bypass checks where you trust the source.
Conversely, blacklist known malicious ranges or bad bots with one click, keeping your perimeter airtight.

Crawler Whitelist

Recognize and permit major search engine crawlers—Googlebot, YandexBot, BingBot—without manual intervention.
Our crawler whitelist updates itself daily, ensuring that SEO traffic remains uninterrupted even amid DDoS assaults.
You maintain full audit logs of every crawler request for compliance and review.

HTTP/2

Take advantage of HTTP/2 multiplexing and header compression under HotWall’s protection.
All streams are subject to the same rigorous security inspection, so upgrading your protocol doesn’t open new attack surfaces.
Performance and safety, hand in hand.

WebSockets

Real-time applications stay protected with HotWall’s WebSocket inspection.
We track handshake patterns and frame payloads, blocking malicious injections or protocol abuses.
Keep your chat services, dashboards and games online even under heavy load.

Load Balancing

Distribute traffic across multiple origin pools with health checks, session stickiness and zone-aware routing.
HotWall automatically shifts load away from unhealthy or overloaded servers, maintaining high availability during peak attack periods.

Heuristic Detection

Our engine applies advanced heuristics—rate curve analysis, entropy measurements and anomaly score aggregation—to spot novel threats.
Heuristic rules adapt as traffic patterns evolve, providing a proactive layer of defense against emerging DDoS methods.

Bot Signatures

Leverage a library of thousands of bot signatures covering scraper bots, credential stuffing tools and vulnerability scanners.
HotWall matches request fingerprints against this database in milliseconds, quarantining known offenders before they breach your application.

TLS Fingerprints

Inspect the TLS ClientHello for unique cipher suite orders, extensions and JA3 hashes.
Spot spoofed or non-standard clients trying to masquerade as browsers.
Block them at the handshake, saving resources and keeping your origin servers safe.

JS Fingerprints

Run unobtrusive JS challenges that collect execution metrics—stack traces, timing data and function coverage.
Use these fingerprints to distinguish real browsers from headless or automated environments with high accuracy.

HTTP/2 Fingerprints

Analyze the ordering and size of HTTP/2 frames, stream priorities and flow control behavior.
Identify custom or malformed HTTP/2 implementations often used by malicious bots, blocking them before they can do harm.