Cloud Verification in BotBlocker: Database Types Used for Advanced Threat Detection

BotBlocker’s cloud verification feature brings next-level security to WordPress by connecting your site to constantly updated remote databases. This approach enables instant, accurate detection of bots, attackers, and suspicious traffic that cannot be caught using only local filters. Here’s how it works and what types of databases are involved.

What Is Cloud Verification in BotBlocker?

Cloud verification means that, in addition to local checks, BotBlocker queries remote data sources in real time. This allows for:

• Immediate updates on new threats, IP addresses, and bot signatures
• Reduced false positives thanks to collective intelligence
• Scalable protection even as new attack vectors appear

Instead of relying solely on your own, potentially outdated data, BotBlocker leverages up-to-date information from multiple cloud-based sources.

Types of Databases Used in Cloud Verification

BotBlocker’s cloud system doesn’t depend on any single vendor or database. Instead, it uses a combination of diverse, specialized data sets to ensure broad and accurate protection.

1. IP Reputation Databases

• Store global records of IP addresses associated with spam, brute-force, scraping, attacks, and other malicious activities
• Include data from blacklists, honeypots, and cybersecurity communities

2. Signature and Fingerprint Databases

• Hold digital “fingerprints” of bots, headless browsers, automation frameworks, and known exploit tools
• Updated continuously to reflect new botnets and stealth automation

3. Proxy and VPN Endpoint Lists

• Include millions of proxy, VPN, anonymizer, and relay endpoints
• Cover open, commercial, residential, mobile, and rotating proxies
• Updated for new networks and servers used to mask real visitor locations

4. ASN and Hosting Provider Data

• Contain ASN (Autonomous System Number) records and subnet lists
• Identify traffic coming from cloud hosts, data centers, and “risky” infrastructure
• Help distinguish legitimate residential users from likely automation

5. TOR Exit Node Lists

• Track all current TOR exit nodes globally
• Allow instant recognition and handling of anonymous, high-risk connections

6. Known Attack Patterns and Exploit Signatures

• Hold behavioral rules, query signatures, and URL patterns related to typical attacks (SQL injection, brute force, enumeration, spam, etc.)
• Help block “zero-day” and evolving threat vectors faster

7. Device and Browser Fingerprint Blacklists

• Store combinations of browser versions, OS, device characteristics often linked to bots, emulators, or anti-detect tools
• Used to spot attempts to mask automation as real users

8. Abuse and Fraud History Databases

• Contain records of IPs, user agents, and behavioral patterns previously flagged for fraud, abuse, or policy violations

How BotBlocker Uses Cloud Data for Protection

• Every suspicious request can be checked against several remote databases simultaneously
• Decisions to allow, challenge, or block are based on a “score” or risk level calculated from all sources
• All checks are performed in real time with minimal delay for users

Security and Privacy Considerations

• No personal content or user data is sent—only technical signals required for reputation analysis
• Cloud checks complement (not replace) local detection, ensuring resilience even if cloud service is temporarily unavailable

Real-World Benefits

• Instant reaction to new botnets, IP ranges, and attack campaigns
• Fewer false positives, since verdicts are based on global traffic intelligence
• Scalable defense that grows stronger as the threat landscape evolves

FAQ

What happens if the cloud service is unavailable?
BotBlocker continues to use local detection methods and resumes cloud checks automatically when the service is back online.

Does cloud verification slow down the site?
No. All requests are optimized, and most checks complete in milliseconds.

Can I choose which types of databases to check?
Settings allow you to control cloud verification, but the default is to check all relevant types for maximum safety.

See all BotBlocker features

Internal Links (EN):

• All User Parameters Checked
• Proxy and VPN Detection

External Links (EN):

• Wikipedia: IP Reputation
• OWASP: Threat Intelligence