Cross-Platform Security Blueprint
Cross-Server Hardening & Bot Containment Matrix
Deploy production-ready access rules across Nginx, LiteSpeed, and Apache environments to shield your entire domain portfolio from aggressive automated scraping spikes without exhausting CPU allocation.
Deployment Verification Steps
Server Configuration Blueprints
Nginx Config Rules (nginx.conf)
# Establish limit zones in main HTTP block
limit_req_zone $binary_remote_addr zone=scraper_drop:10m rate=5r/s;
server {
location / {
# Limit burst spikes down gracefully
limit_req zone=scraper_drop burst=10 nodelay;
}
# Absolute block for target system & backup strings
location ~* \.(ini|log|conf|bak|env)$ {
deny all;
access_log off;
}
}
LiteSpeed Web Server Config (WebAdmin Console)
# 1. Navigate to Virtual Host > Security > Access Control
# 2. Add explicit containment lines to the "Allowed/Denied List"
Allowed List: ALL
Denied List: 192.0.2.0/24, 198.51.100.12
# 3. For custom request/burst throttling, configure inside:
# Server Configuration > Security > Per Client Throttling
Static Requests/sec: 20
Dynamic Requests/sec: 5
Apache Configuration (.htaccess / httpd.conf)
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Explicit block for aggressive user-agent scrapers across all routes
RewriteCond %{HTTP_USER_AGENT} ^.*(Scrapy|bot|Bot|BOT|crawl|crawler|spider|Spider|LinkupBot|DotBot).*$ [NC]
RewriteRule ^(.*)$ - [F,L]
# Prevent directory mapping and block target source files
Options -Indexes
<FilesMatch "\.(env|ini|log|bak)$">
Require all denied
</FilesMatch>
</IfModule>