KnifeCenter.com protects its content and website performance with DataDome

Optimized user experience
Protected content and user data
Freed-up time and server resources
DataDome
2 Jun, 2021

Since 1995, KnifeCenter.com has been the internet resource for all things related to cutlery, shaving and security. As the largest catalog of its kind, it was frequently targeted by web scraping, carding and DDoS attacks. After a thorough evaluation of multiple bot protection solutions, the team settled on DataDome. Today, KnifeCenter’s overall bot traffic is significantly reduced, they are no longer subjected to sustained attacks slowing down the website, and the team can focus its time and efforts on growing the business.

We evaluated many products, including competitors with top reviews. In terms of cost, ease of use, reporting and protection, DataDome was the best by far.
Raymond Borhan, CTO at KnifeCenter.com

The Problem: Content theft, credential stuffing, and slowdowns.

“We do everything we can to make our customer’s buying experience as easy and pleasurable as possible,” says Josh Korn, COO at KnifeCenter. “One of our core principles is great service, which includes a fast website, but bots were making it difficult for us to deliver on that promise.”

“Our main concern was DDoS attacks,” elaborates Raymond Borhan, CTO at KnifeCenter. “We had several episodes, most significantly in the holiday season of 2019, when we came under a sustained, complex, well-coordinated botnet attack. After that, we put in additional safeguards and closed a few gaps. But we knew that DDoS attacks could still slow down our site, for example by hitting API URLs which aren’t cached in Cloudflare.”

DDoS attacks and slowdowns weren’t the only bot-related issues either. As the leading online resource in its field, KnifeCenter.com naturally attracts scraper bots aiming to exploit its content for their own benefit. Without advanced bot detection capabilities, web scraping is hard to prevent.

“Scraping is something we try to avoid, but the crawlers have become very adept at remaining under the radar,” Raymond explains. “We could often see signs of scraping activity in our Cloudflare traffic patterns, but because these bots didn’t usually bring our site to a halt or cause significant slowdowns, we wouldn’t be alerted and would only see it after the fact.”

A third area of concern was credential stuffing attacks. The team could observe regular attacks both on the account login page and the tokenisation endpoint, where bots attempted to validate stolen credentials from other sources. Although KnifeCenter’s own customer data was never at risk, thanks to multiple safeguards against such threats, these persistent automated attacks still degraded the site performance.

Josh sums it up: “From an operational perspective, we just want to focus on marketing our products and selling knives, but these issues were keeping me up at night.”

The Solution: Seamless implementation, intuitive reports.

For some time, the team mitigated attacks using the WAF capabilities of their Cloudflare CDN. They implemented rate limiting rules, and if they observed suspicious traffic volumes from a particular source, they could block the IPs. However, the approach had considerable limitations.

“It was very reactive,” Raymond points out. “Any time we were under attack, we’d have to go into Cloudflare, try to identify the malicious IPs, and block them manually. But by then, our site would already be slow; that’s why we’d go look at our Cloudflare traffic in the first place. The process of manually identifying and blocking IPs could also be very time-consuming.”

After another major attack in the midst of the 2020 Black Friday sales, the team decided they needed a more robust solution, and started to evaluate their options. To their surprise, one of the highest-rated products in the market proved so difficult to implement that they eventually gave up, without even having been able to properly evaluate its protection capabilities. By contrast, setting up DataDome via the Cloudflare app was a breeze.

“For the free trial, we could just turn the app on instantly,” Raymond recalls. “And once we had decided to subscribe, all it took was an onboarding session with a DataDome solutions engineer to make a few customizations and activate it. The whole process was excellent, very well planned and organized.”

Another factor which tipped the scales in DataDome’s favor was the reporting features. The dashboard provides real-time, detailed reports that address the needs of all stakeholders, from application security specialists to executives and e-commerce managers.

“It’s nice to deal with a product that I can easily find my way around, and which provides us with great insights,” says Josh. “That wasn’t the case with the competing products we evaluated. The DataDome dashboard is very intuitive and easy to use, so everyone can get the gist of what’s going on. Even our CEO is a great fan!”

The Results: Enhanced user experience, freed-up time.

Today, KnifeCenter’s overall bot traffic is significantly reduced (many bots simply give up when faced with efficient protection), and sustained DDoS attacks are a thing of the past. As a result, the team no longer needs to worry that bots are impacting the human user experience.

“In e-commerce, performance is everything. It directly impacts how well we do as a company,” Raymond observes. “So the number one benefit DataDome delivers is the certainty that our site performance isn’t negatively affected by bot traffic.”

Another KPI for user experience is false positives, which are now negligible.

“When we were implementing our mitigation rules in Cloudflare, we would often hear back from our customer service team, because people were complaining about getting Captchas”, says Raymond. “With DataDome, that doesn’t happen anymore. On a couple of occasions, partner bots like ScreamingFrog have been blocked because they hadn’t been allow-listed, but it just takes a click in the dashboard to give them access.”

Last, but not least, KnifeCenter’s bot protection now works in the background, with no need for manual interventions. Someone on the team will check the dashboard on a daily basis, but only for monitoring purposes.

“Even someone non-technical like me can go to the dashboard and see the scraping attacks and the DDoS attempts that have been blocked. It’s really nice to have that level of security,” Josh concludes.
