| ▲ | VladVladikoff 6 hours ago | |||||||
>How can you protect your sites from these bots? JA4 fingerprinting works decently for the residential proxies. | ||||||||
| ▲ | Rasbora 5 hours ago | parent [-] | |||||||
TLS fingerprinting is not sufficient to stop residential proxies, the proxy acts as a transparent pass-through at the TLS layer making it trivial to use something like curl_cffi to mimic a real browser TLS fingerprint. However residential proxies do have a weakness, since they need to maintain 2 separate TCP conenctions you can exploit RTT differences between layers 3 and 7 to detect if the connection to your server is being terminated somewhere along the path. Solutions exist that can reliably detect and block residential proxies, for example: https://layer3intel.com/tripwire | ||||||||
| ||||||||