Brute Force Bot

What It Means

This request was identified as coming from a bot known to be used in brute force attacks on web applications.

Why It Matters

Brute force bots systematically try thousands of username and password combinations to break into your application’s login pages, admin panels, and other authenticated endpoints. They can compromise user accounts, leading to data theft or unauthorized actions.

Common Triggers

High-volume login attempts from a single source, requests matching known brute force tool signatures, or traffic patterns consistent with credential stuffing campaigns.

What To Do

These blocks protect your users’ accounts. If you have legitimate automated systems that authenticate with your application (such as monitoring tools or CI/CD pipelines), add their IP addresses to your IP Allowlist.