“Blocked more than 4 million unwanted HTTP requests per day.”
Anubis sits between your reverse proxy and web server, issuing proof-of-work challenges to suspicious requests. Pass the challenge, get a signed JWT cookie. Fail it, get nothing. Duke University’s pilot blocked over 4 million scraper requests per day while letting legitimate users through. The latest version even supports non-JavaScript challenges for organizations that don’t want to require JS. It’s mostly the work of one developer, which is both impressive and a red flag for long-term viability. The project also has an anime mascot that apparently makes some enterprise buyers nervous, which tells you everything about how seriously organizations actually take their bot problems.