orubel
commented
3 weeks ago we could also assign a separate session variable and header to do additional detection of how it is routing; this could be good for detection with your proxy and ISP in tracking it down.
say you have people attempting to mine your apis by hitting them over and over and over and your system detects this and flags it... what next?
You can kick them out but then you won't be able to block their next attack or they will just attempt from another bot in their network.
If you keep their script looping indefinitely in your system, it will THINK it is mining when you can just feed it a pre-built dataset.
If we have a template or even a prebuilt template to work off, we can
In fact being able to loopback traffic detected as different would be very good for analysis