artificial intelligence
docker
free open source software
web application firewall
airesistance, antibot, antibotsolution, anubis, botprotection, cloudflarealternative, containers, cybersecurity, ddosprotection, devops, Docker, edgeprotection, infosec, jschallenge, linuxsecurity, networksecurity, nginx, open source, opensourcefirewall, proofofwork, reverseproxy, selfhosted, techaro, webfirewall, websecurity
9M2PJU
0 Comments
How Anubis Works: Fighting Bots with Proof-of-Work
The internet today is crawling with bots—some helpful, most not. Whether it’s AI scrapers harvesting public data or malicious bots launching DDoS attacks, websites are under constant pressure to defend their content. Enter Anubis: a clever, open-source web firewall that uses Proof-of-Work (PoW) to filter out bots while letting real users through with minimal friction.
Let’s unpack how it works—and how to deploy it with Docker and Nginx.
What Is Anubis?
At its core, Anubis is a PoW gateway. It sits in front of your website and challenges each visitor with a lightweight computational puzzle before letting them through.
The concept is simple but effective: bots that don’t execute JavaScript (like most scrapers or AI crawlers) can’t pass the challenge. Even those that do will find it expensive to scale.
How It Works (Step by Step)
Here’s what happens when someone visits a site protected by Anubis:
- User requests a page.
- Anubis intercepts the request as a reverse proxy.
- It serves a small HTML page with embedded JavaScript containing a Proof-of-Work challenge.
- Browser solves the challenge in a second or two, generating a token.
- The browser resubmits the request with the token, and Anubis lets them through.
This slows down bots significantly while being nearly invisible to human users.
Why It Works
Bots and crawlers typically skip JavaScript. That means:
- They can’t pass the PoW challenge.
- Even if they try, solving the challenge repeatedly becomes computationally expensive.
For humans: it’s just a couple of seconds. For bots: it’s a serious headache.
Real-World Adoption
Anubis is already being used by high-traffic, open-source projects like:
These communities needed something robust, lightweight, and self-hosted. Anubis delivered.
🚀 Quick Start with Docker
Anubis is available as a Docker image at:
ghcr.io/techarohq/anubis
🔖 Available Tags
Tag | Description |
---|---|
latest | The latest stable release (recommended for most users) |
vX.Y.Z | Specific version (e.g., v1.4.2 ) |
main | Edge build from the main branch — use only if you need it |
⚙️ Docker Compose Example
Here’s a quick way to run Anubis using Docker Compose:
services:
anubis:
image: ghcr.io/techarohq/anubis:latest
container_name: anubis
restart: unless-stopped
ports:
- "8080:8080" # Anubis listens on port 8080 by default
volumes:
- ./config:/etc/anubis
environment:
- ANUBIS_CONFIG=/etc/anubis/anubis.toml
user: "1000:1000"
🔐 Important: Make sure the mounted
./config
directory is owned by UID/GID 1000, or is writable by that user.
🧠 System Requirements
Anubis is very efficient:
- ~128MiB RAM is enough for many use cases.
- Ideal for HTTP traffic.
- May not be suited for long-lived connections like WebSockets (TBD in real-world use).
🌐 Nginx Reverse Proxy Config
Once Anubis is running, you’ll want to route traffic through it. Here’s a basic Nginx config to pass requests through Anubis and then upstream to your real site:
server {
listen 80;
server_name yoursite.com;
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
You can also put Anubis in front of another reverse proxy (like Nginx ➜ Anubis ➜ App), depending on your network layout.
🧰 Why Choose Anubis?
- ✅ Open-source and fully self-hostable
- ✅ No CAPTCHAs, no third-party cloud services
- ✅ Blocks scrapers and AI bots reliably
- ✅ Works great with Docker, Nginx, and minimal hardware
- ✅ Community-tested and battle-hardened
✅ Final Thoughts
In an age of aggressive AI scraping and relentless bots, Anubis offers a refreshingly simple and effective shield. By making abuse computationally expensive and annoying for bots—but nearly invisible to humans—Anubis flips the script and puts the burden back where it belongs.
You can try a live demo at anubis.techaro.lol or start deploying right away using the official GitHub repo.
Post Comment