There are 3 methods available to integrate ShieldSquare with websites which are using Akamai CDN.


1) Consume Bot IP feed generated by ShieldSquare and manually blacklisting those bot signatures at Akamai CDN

 

Integrate ShieldSquare code with your website in monitor mode and you (one who uses Akamai CDN) can make asynchronous API calls to the ShieldSquare server. The ShieldSquare engine detects bots and sends the Bot IP Feed to you regularly. Then you can take action against those bots (either manually or using some automated scripts (e.g Selenium ) to automatically update the bot IPs in Akamai portal / CDN) which ensures action on those bot IPs.



2) Consume Bot IP Feed generated by ShieldSquare using Akamai API which takes required actions


Integrate ShieldSquare code with your website in monitor mode and you (one who uses Akamai CDN) can make synchronous API calls to the ShieldSquare server. The ShieldSquare engine detects bots and sends the bot IP feed to you regularly. You can use Akamai API to update the ACL (access control lists) with these bot IPs thereby taking action against those bots.


3) Integrating ShieldSquare with websites using ESI Caching


Edge Side Includes is a mark-up language for edge level dynamic web content. It is fairly common for websites to have dynamic web content. It could be because of changing content like catalogs or forums, or because of personalization. This creates a problem for caching systems. To overcome this problem, a group of companies like Akamai developed the ESI specification. By using this, dynamic webcontent of the site gets data from website server and other data is cached at CDN level. Websites can use ESI to cache pages that contain cacheable and uncacheable content. Previously, the presence of any uncacheable content on a page would have rendered the whole page uncacheable, even if that portion was a small percentage of the overall content. With ESI, the uncacheable portion can be split off into a separate request, meaning that the vast majority of the page can be cached and whichever is dynamic is made uncacheable.


Implementation:


The idea is to have ShieldSquare snippet code is integrated with uncacheable portion of the ESI in the customer website in active mode, thus bypassing Akamai altogether. By doing so, you can ensure that dynamic content (the content which you want to protect from scrapers) is protected by ShieldSquare. When a page visit happens from a user on your website, ESI fragment tag fires an API call to ShieldSquare service with all the required information. The ShieldSquare bot engine analyses the parameters and classifies the visitor as a genuine user or malicious bot and sends the corresponding response code. Based on the response code, you can take necessary action. If the visitor is classified as a genuine user, the uncacheable ESI page loads. If a suspicious IP is detected by ShieldSquare system, a block response is going to be thrown inside the ESI block. In this way, you can take action against malicious bots and display dynamic content to only genuine users.







For more details, reach out to support@shieldsquare.com