» Tag
api-security
2 postsJuly 2026
Half My Traffic Was Bots: A 4-Day Layered Defense Stack
A developer discovered headless bots executing JS made up half his traffic, then built a 4-day, five-layer defense using robots.txt, ISR, Redis, and Vercel BotID.
bot-detectionweb-securitynextjsvercelWhy Trusting the Database for API Auth Is a Security Risk
A technical look at how HMAC-SHA512 signing, cryptographic peppers, and layered tenancy checks prevent SQL injection attacks from turning into full tenant takeovers.
api-securityauthenticationmulti-tenancycryptography