Anubis: Your Free Self-hosted Web AI Firewall for Your Server
Table of Content
In an era where data is the new gold and AI is the new gatekeeper, safeguarding digital sovereignty has become more critical than ever. The rise of large-scale AI scraping has left countless small websites and independent developers struggling to keep their services online. Anubis was born from the urgent need to protect these digital voices from being drowned in a sea of automated traffic. As part of the broader mission of the AI & Data Foundation , this tool is not just a utility, it's a statement that the web belongs to everyone, not just those with the most aggressive crawlers.
The foundation champions responsible AI development and data stewardship, ensuring that innovation doesn’t come at the cost of accessibility, fairness, or digital sovereignty for smaller voices online.
In the ancient myths, Anubis weighed the hearts of the dead, judging worthiness before granting passage.
Today, in the wild chaos of the web, something far less poetic is knocking at your door: scraper bots, AI crawlers, and relentless automated traffic flooding small sites into oblivion.
What is Anubis?
Enter Anubis, a lightweight, battle-ready Web AI Firewall Utility that stands guard at your digital threshold. It weighs the soul of every incoming connection through intelligent challenge-response mechanisms, blocking malicious scrapers while preserving access for real humans and essential services.
We built Anubis not because we wanted to, but because we had to. The internet’s smallest corners, personal blogs, community APIs, indie projects, are drowning under the weight of unregulated AI traffic. This tool is our nuclear option, our immune response, our way of saying: “Not here. Not on our watch.”
Yes, it’s aggressive. Yes, it might block some good bots, but it also gives you the tools to fine-tune what gets through. We're curating known-good bot profiles so you don't have to choose between visibility and survival.
You probably don’t need this if Cloudflare works for you. But if you’re running a lean operation and want surgical control without vendor lock-in, Anubis was made for moments just like yours.
Features
- Proof-of-Work Challenges: Blocks bots with lightweight browser checks. Only clients that can compute SHA-256 hashes pass.
- Smart Challenge Logic: Challenges only modern browsers or scraper bots. Lets RSS readers, git clients, and good tools through by default.
- JWT-Based Auth Tokens: Clients earn access via signed tokens containing verifiable proof of work. Stateless, fast, secure.
- Customizable Difficulty: Default: 5 leading zeroes in SHA-256 hash. Tweak it if you want more or less friction.
- Multi-threaded Worker Support: Leverages Web Workers to avoid freezing UI threads during challenge computation.
- Request Fingerprinting: Combines IP, User-Agent, Accept-Encoding, time, and key ID to generate unique, time-bound challenges.
- Self-Signed ED25519 Keys: Secure JWT signing on startup. New keys every run (persistent key support coming soon).
- No Cookie Consent Banners Needed: Designed to be transparent and non-tracking. Works without user consent banners, but always consider your legal context.
- Lightweight & Self-Contained: No Cloudflare dependency. No big runtime. Just drop it in front of your origin and go.
- Open Source & Hackable: Because we all end up modifying middleware at 3am anyway.
License
MIT License
Resources
TecharoHQ
