Introducing kk-anti-reptile: A Spring Boot Anti‑Crawler Filter Component

kk-anti-reptile is an anti‑crawler component designed for distributed systems built on Spring Boot (both 1.x and 2.x) that requires Redis.

The component implements request filtering via a Servlet‑compliant Filter instantiated through Spring Boot’s extension points and registered with FilterRegistrationBean , allowing it to intercept requests in the servlet container.

Inside the filter, a responsibility‑chain pattern weaves various filtering rules, exposing abstract interfaces for extensibility. When a request fails a rule, the filter blocks it, returns HTTP status 509, and serves a CAPTCHA page; successful CAPTCHA entry resets the rule chain.

Two built‑in rules are provided:

ip‑rule : counts requests within a time window and blocks when the maximum is exceeded; parameters such as window size, max count, and IP whitelist are configurable.

ua‑rule : evaluates the User‑Agent header to derive OS, device, and browser information, allowing filtering based on configurable dimensions.

Upon rule match, the system generates a CAPTCHA with six possible formats (Chinese characters, alphanumeric, simple arithmetic, each in static image or GIF), making automated solving extremely difficult.

Integration steps for the backend are straightforward: add the Maven dependency

<dependency>
    <groupId>cn.keking.project</groupId>
    <artifactId>kk-anti-reptile</artifactId>
    <version>1.0.0‑SNAPSHOT</version>
</dependency>

and enable the component with the property

anti.reptile.manager.enabled=true

For the frontend, intercept AJAX responses (e.g., using Axios) to detect status 509, open a new window with the returned HTML, and inject the backend baseUrl into the page:

import axios from 'axios';
import { baseUrl } from './config';

axios.interceptors.response.use(
  data => data,
  error => {
    if (error.response.status === 509) {
      let html = error.response.data;
      let verifyWindow = window.open('', '_blank', 'height=400,width=560');
      verifyWindow.document.write(html);
      verifyWindow.document.getElementById('baseUrl').value = baseUrl;
    }
    return Promise.reject(error);
  }
);
export default axios;

Additional notes:

When using Apollo client, enable bootstrap by setting apollo.bootstrap.enabled = true in application.properties or bootstrap.properties .

If the project uses Redisson, kk-anti-reptile will automatically obtain a RedissonClient ; otherwise, configure Redisson connection properties such as spring.redisson.address and spring.redisson.password .

All configuration properties are prefixed with anti.reptile.manager , and the article includes screenshots of the configuration UI.

The author concludes with a request for support and links to PDF collections of related Spring Cloud, Spring Boot, and MyBatis tutorials.