ícono bot

Traffic spikes due to ad servers

When an emerging digital media outlet’s website experienced frequent downtime due to advertising traffic and scraping, they turned to Transparent Edge to deploy a protection strategy without needing to expand their infrastructure.

Their website is built on WordPress using shared infrastructure, so sudden traffic spikes were repeatedly jeopardizing its availability. Proper management can keep the site up and running seamlessly for real users.

Use case

Vulnerabilities

The origin was receiving traffic that exceeded its capacity, with calls from uncacheable ad servers, botnet scans, and occasional spikes that compromised its availability.

The impact was significant:

  • Recurring outages due to origin saturation.
  • Calls from ad servers passing unfiltered to the backend.
  • Constant scraping by botnets, some of which were feeding AI models.
  • Cache fragmentation due to user-agent variations (mobile, tablet, desktop, or different operating systems).
  • Massive and unpredictable spikes when an article reaches the homepage of a news aggregator.
  • Without filtering solutions for malicious traffic, they lacked WAF and bot governance.

 

Transparent Edge’s response

The deployment combined setting up caching rules, bot management, and traffic limits. All of this was configured by our team from the beginning of the onboarding process.

Immediate actions:

  • Origin restriction: We place the CDN in front of the origin. Users connect to the platform, not directly to the website. From that point on, only requests from the nodes access the server.
  • WordPress plugin installation: serves new content only when it can confirm that the previous content has been invalidated, performs cache preheating and soft purging.
  • Vary header: by device type, instead of by user-agent, to unify mobile, tablet, and desktop cache.
  • Bot Management: for the governance of synthetic traffic with high filtering thresholds.

Deployment of protection strategy

  • Anomaly detection with automatically updated IP blacklists.
  • Strict caching policy to prevent common attack vectors at the origin.
  • Permanent Anti-DDoS protection.
  • Custom IP whitelists.
  • Rate limit on sensitive routes and POST: control the number of requests per second per IP, applying a temporary penalty if it exceeds the allowed quota.
  • VCL deny for identified botnet scrapers, bypassing WAF and incurring no cost.
  • Blocking HTML requests on static subdomains (images only). Cleaning query strings outside the site model.

 

Our actions bring results

The origin stopped receiving non-value-added traffic. The WAF and Bot Management filter at the edge before that traffic generates costs or load on the backend.

The site maintains its availability during peak times without having to invest in additional origin infrastructure.

What to keep in mind in media outlets that work with ad servers

If you manage a site with a similar profile (WordPress, shared origin or no cluster, high dependence on advertising), review these points before a price spike takes your site down:

  • Audit how much of your current traffic is scraping or bots, rather than genuine readers.
  • Avoid cache fragmentation across devices.
  • Have a specific plan for external spikes (aggregators, social media, viral content), with a rate limit, and not just for attacks.
Equipo

What can Transparent Edge do?

We support you with the expertise of our team, who work with you from the outset to tailor every rule to your infrastructure and the realities of your business. With comprehensive security layers, customized caching policies, traffic anomaly detection, and cyberattack mitigation, you gain control of your environment and safeguard your web presence.

Do you want to read the full story of how Transparent Edge was able to ensure the availability of a media outlet’s website?