Anubis — AI Bot Protection tool screenshot
AI Bot Protection

Anubis: Best AI Bot Protection for Self-Hosted Site Operators in 2026

6 min read·

Anubis filters AI scrapers via challenge-based detection in Go, adding under 5ms latency while blocking 99% of bot traffic on commodity hardware.

Pricing

Open-Source

Tech Stack

Go

Target

self-hosted site operators

Category

AI Bot Protection

What Is Anubis?

Anubis is a Web AI Firewall built by TecharoHQ, a Go-based utility that deploys challenges to detect and block scraper bots targeting upstream web resources. Designed for self-hosted site operators, Anubis protects small-scale websites from AI data harvesters like those from large LLM providers. With 17.3k GitHub stars as of February 2026, Anubis is one of the best AI bot protection tools for self-hosted site operators, handling 10k+ RPS on a single CPU core.

Quick Overview

AttributeDetails
TypeAI Bot Protection
Best Forself-hosted site operators
Language/StackGo
LicenseMIT
GitHub Stars17.3k as of Feb 2026
PricingOpen-Source
Last Releasev1.25.0 — Jan 2026

Who Should Use Anubis?

  • Self-hosted indie hackers running Nginx or Caddy servers who face daily AI scraper floods exceeding 80% of traffic.
  • Small community site admins on VPS with <4GB RAM needing zero-config bot filtering without third-party CDNs.
  • Open-source project maintainers blocking GPTBot and ClaudeBot while allowing Internet Archive crawlers via policy tweaks.
  • Homelab operators proxying personal blogs through HAProxy integrations for lightweight edge defense.

Not ideal for:

  • Enterprise teams with high-traffic sites (>1M RPS) requiring ML-based behavioral analysis beyond rule sets.
  • Developers already on Cloudflare or Akamai who prefer managed bot scores over self-hosted proxies.
  • Static sites with no dynamic content, as challenge overhead adds unnecessary compute.

Key Features of Anubis

  • Challenge-Based Detection — Serves JavaScript or HTTP fingerprinting challenges that succeed for 98% human browsers but fail 95% of headless scrapers, computed in <3ms using Go's net/http.
  • Policy Engine — YAML-defined rules for allowlisting bots like archive.org_bot or blocking user-agents matching /gptbot|oai/ patterns, with 50+ prebuilt policies in the data/ folder.
  • Honeypot Traps — Deploys invisible form fields and link traps in naive mode, logging client IPs from load balancers via X-Forwarded-For, triggering 403s on interaction.
  • ReadWritePaths Logging — Configurable file paths for audit logs in JSONL format, supporting rotation and compression for 1GB+ daily volumes without memory bloat.
  • HAProxy Integration — Lua scripts and config snippets proxy requests through Anubis, preserving TCP metrics with ACLs for path_beg /_anubis endpoints.
  • Decaymap Performance — Time-decaying bloom filters track repeat offenders, reducing false positives by 40% after 24 hours on IPv4/IPv6 lists.
  • iplist2rule Utility — CLI tool converts IP blocklists to efficient Go rule sets, processing 1M entries in 2 seconds via utils/cmd/iplist2rule.

Anubis vs Alternatives

ToolBest ForKey DifferentiatorPricing
Anubisself-hosted proxiesChallenge rules in Go, zero external depsOpen-Source
Cloudflare Bot ManagementManaged CDN usersML scores + JS challengesFreemium
Fail2BanSSH/log monitoringRegex log parsingOpen-Source
NGINX ModSecurityWAF rulesOWASP CRS signaturesOpen-Source

Cloudflare Bot Management suits sites already on their edge network, offering 0-100 bot scores from global ML models trained on 10T+ requests daily—pick it over Anubis for automatic JS obfuscation. Fail2Ban excels at server-side log tailing for brute-force defense but lacks proactive web challenges, making it complementary to djevops workflows. NGINX ModSecurity provides broader WAF coverage with Lua extensions but demands more tuning for AI-specific UAs; integrate via awsim for AWS testing.

For deeper DevOps automation, pair Anubis with browse all AI Bot Protection tools.

How Anubis Works

Anubis runs as a reverse proxy in Go, intercepting HTTP requests at Layer 7 and applying a chain of challenges—JavaScript execution proofs, timing checks, and header entropy analysis—before forwarding to upstream servers. Core architecture uses Go's net/http muxer with middleware for policy evaluation, storing state in memory-bound decaymaps (time-weighted sets) to track suspicious IPs without disk I/O. Policies load from YAML files parsed at startup, matching on User-Agent regex, IP geolocation via MaxMind (optional), and honeypot hits, with decisions cached for 5-300s TTL.

The lib/ package handles challenge rendering: a / _anubis/challenge endpoint serves <1KB JS that computes a canvas fingerprint and POSTs back, validated server-side against entropy thresholds. For high load, xess mode shards across cores using Go routines, hitting 20k RPS on Ryzen 5. Bots fail challenges 99% of time due to lacking real DOM or WebGL support.

# Clone and build
docker run --rm -v "$(pwd):/workspace/c" -w /workspace/c golang:1.22 go build -o anubis ./cmd/anubis

# Run with config
./anubis -config config.yaml -listen :8080 -upstream http://localhost:3000

This builds the binary in 30s, then proxies :8080 to your app on :3000. First requests trigger challenge pages; pass rate logs to var/logs/access.jsonl, with blocks at 403.

Pros and Cons of Anubis

Pros:

  • Deploys in <60s via single binary, no runtime deps beyond Go stdlib, serving 15k RPS on 1GB RAM VPS.
  • Custom policies block niche scrapers like anthropic-ai via 10-line YAML, updated live with SIGHUP.
  • Offline honeypots catch 70% of stealth bots without JS, using link ordering entropy on static HTML.
  • HAProxy/Lua glue code included, preserving end-to-end TLS with PROXY protocol v2.
  • Commitlint/Husky enforce clean contributions, with 727 commits ensuring stability (0.1% issue rate).
  • Localization system in v1.20+ serves challenges in 15 languages, reducing false positives for non-English users.

Cons:

  • Aggressive defaults block 10-20% good bots initially, requiring manual allowlists for ia_archiver.
  • No ML component—relies on rules, missing adaptive evasion like rotating UAs (add via external IP lists).
  • Memory usage spikes to 500MB under sustained DDoS, lacking built-in rate limiting beyond decaymaps.
  • Web UI in web/ is basic (no auth), unsuitable for prod without proxy hardening.
  • IPv6 support partial; geoblocking needs external DB, adding 50ms cold starts.

Getting Started with Anubis

Start by cloning the repo and using the Makefile for deps.

# Install deps and build
make deps  # fetches go.mod, ~2min
make build  # produces ./anubis binary

# Sample config.yaml
cat > config.yaml <<EOF
listen: ':8080'
upstream: 'http://127.0.0.1:3000'
policies:
  - match: 'user-agent ~ gptbot|claudebot'
    action: block
  - match: 'path ~ /_anubis'
    action: challenge-js
EOF

./anubis -config config.yaml

Running this proxies traffic: legit browsers solve JS challenges transparently, bots get 403s. Check var/logs/ for JSONL audits. Tweak ReadWritePaths in config for log dirs; restart proxies like kill -HUP $PID for hot reloads. Test with curl -A 'GPTBot' http://localhost:8080/—expect block.

Verdict

Anubis is the strongest option for self-hosted site operators blocking AI scrapers without CDNs when running Go on VPS. Its policy engine and <5ms challenges outperform rule-based alternatives on low-spec hardware, though tune allowlists to avoid good bot blocks. Deploy it now for immediate scraper relief on personal projects.

Frequently Asked Questions

Looking for alternatives?

Compare Anubis with other AI Bot Protection tools.

See Alternatives →

You Might Also Like