Book a demo
Connect with us to explore our solutions or request a personalized offer
Web Scraping Protection Integrated with CDN and WAF for Food Retailer
22 Apr, 2026 | 4 min
А food retailer’s online catalog—unique content—was continuously scraped by competitors. Historically, the CDN service provider handled application security. A growing threat exposed the CDN provider’s inability to detect and block advanced bots, which overloaded server infrastructure. The infosec department specialists needed an advanced solution to combat sophisticated web scraping.
"In 2023, we were suffering from bots that were scraping our catalogs and price lists at night. As our current CDN provider couldn’t protect us, we needed an advanced anti-bot solution to finally fix the problem."
CISO, Food Retailer
Challenge
Web scrapers created an extremely heavy load on the client’s servers. However, increasing server capacity to handle the extra traffic seemed impractical.
Solution
On-premises implementation of Strictera WAAP that instantly detects all types of automated threats to web applications (including DDoS attacks) and filters traffic according to built-in anti-bot algorithms and custom rules, controlled by the client.
Additional seamless CDN + WAF integration helps simplify traffic flow control.
Additional seamless CDN + WAF integration helps simplify traffic flow control.
"Strictera WAAP detects and blocks DDoS attacks very quickly. We’ve had experiences before where protection would trigger after several minutes' delay. And we’re attacked with depressing regularity. Sometimes our servers would crash before protection kicked in. This didn’t cause serious problems, but even a few minutes of downtime is extremely undesirable for us. Bots have practically disappeared. We’ve basically removed this from our monitoring list. Previously, influxes of malicious bots would increase the load on our servers by an order of magnitude."
CISO, Food Retailer
"We’re not a CDN provider; we have fewer points of presence, and static content distribution isn’t our primary focus. But we needed to set up a proxy so the client wouldn’t lose the CDN benefits. To achieve this, we customized the connection scheme using link interception. The upstream response is proxied to us, and we modify it on the fly without wasting time on redirects. The client receives a ready-made HTML file that already specifies the partner CDN service’s cache servers for retrieving the static content."
CISO, Food Retailer
Results
- A single vendor for protection against all attacks on web resources and content delivery.
- Customizable protection, bot management, and custom filtering rules.
- An additional line of defense against SQL/XSS injections at the application layer.
"Generally, WAF is licensed on a per-request basis in terms of RPS. Previously, to avoid paying for bots on the WAF, we maintained a huge number of blacklists. Maintaining these lists semi-manually based on the previous day’s statistics took engineers at least one man-hour per day. Now, such work simply doesn’t exist; we’ve forgotten about it."
CISO, Food Retailer
Book a demo to see Strictera WAAP in action
Strictera
Innovative, scalable, and cost-efficient cybersecurity solutions to safeguard your networks, websites, apps, and APIs from evolving threats
Contact us by email:
Call the number:
Book a demo
Connect with us to explore our solutions or request a personalized offer
Table of contents