We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Tarpit Client

  • Last updated on

Tarpit is the process of delaying the incoming requests coming from those clients who are identified as suspicious. It intentionally delays handling of incoming requests from suspicious clients, and slows down and drops requests based on their risk scores or any other malicious activities, such as attacks for which Follow Up Action is configured as Tarpit Client.

The Barracuda Web Application Firewall puts suspicious and bad clients into Tarpit in the following cases:

  • The risk score of the client has crossed the suspicious value.
  • An attack is detected for which Follow Up Action is configured as Tarpit Client under Action Policy.

A client is considered to be suspicious when their risk score crosses the default value of 60, or when it performs any malicious activity like an attack. If risk score crosses 80, it is considered to be a BOT or a BAD client.

When the client is put into Tarpit, the configured number of active and backlog requests are served by the Barracuda Web Application Firewall. If the number of requests (other than configured) coming for the same client increases, they are dropped in Tarpit. The client should remain in Tarpit until the inactivity timeout duration configured is met.

Configure Tarpit for a Client

  1. Go to the SECURITY POLICIES > Tarpit Client page.
  2. In the Backlog Requests Limit box, specify number of requests that should be held in a backlog and are served from a tarpitted client.
    • Values: 0 to 100
    • Recommended: 50
  3. In the Tarpit Inactivity Timeout box, specify the time in seconds for idle timeout, after which the client is removed from Tarpit.
    • Values: 300 to 36000 secs
    • Recommended: 300
Last updated on