Over the past few weeks, many of our clients have experienced increased CDN bandwidth usage, often caused by a rise in bot traffic targeting their websites. This is a growing issue across the internet, as bots — automated scripts or tools that mimic human browsing activity — continue to become more sophisticated and widespread.
At NitroPack, our core focus is on optimizing website performance. We specialize in making websites load faster by caching content and optimizing assets like images, CSS, and JavaScript. However, bot traffic management and security filtering aren’t part of our service offerings. We don’t provide a web application firewall (WAF) or bot protection services, and as such, the responsibility for handling such traffic falls to you, the website owner.
Why does bot traffic matter?
Bot traffic is problematic for a few reasons. First, it often consumes valuable server and CDN resources, leading to increased bandwidth usage and slower site speeds. For websites that rely on NitroPack’s CDN for optimization, bot traffic can significantly impact performance, especially when the traffic volume spikes unexpectedly.
What Can You Do to Mitigate Bot Traffic?
While NitroPack isn’t a security tool, there are several proven ways to protect your website from unwanted bot traffic. We highly recommend setting up bot protection or firewall rules through one of the following services, which are specifically designed to detect and block automated traffic:
Or any similar web security provider.
These tools can help filter out malicious traffic before it reaches your website or CDN, reducing the strain on your infrastructure.
Ensuring NitroPack Works Seamlessly with Your Protection Setup
If you choose to implement a security solution, it’s essential to ensure that NitroPack’s services aren’t mistakenly blocked. Here are some key steps to ensure your website’s performance remains optimal while you filter out unwanted traffic:
1. Allowlist NitroPack’s IPs
Make sure that you allowlist NitroPack’s IP addresses in your firewall or bot protection system. This will ensure that NitroPack can continue to optimize and serve content without interference from your security settings. You can find the list of IP addresses to allowlist here.
2. User-Agent String Filtering
If your security rules rely on filtering by User-Agent string, be sure to whitelist the following NitroPack agents to avoid disruptions:
Nitro-Optimizer-Agent
Nitro-Warmup-Agent
Nitro-Webhook-Agent
By allowing these agents through, you can be confident that NitroPack’s optimization services will function properly alongside your security tools.
Need extra help?
While NitroPack doesn’t offer built-in bot filtering or firewall protection, our team is always here to help with investigating unusual traffic spikes. If you notice any unexpected surges in CDN bandwidth usage or suspect bot activity, we can help determine if bot traffic is the cause, but the actual mitigation will need to happen on your end through a web security provider.