Case Study: Ooreka Stops Denial of Service Attacks With DataDome

No more attacks

Content protected

Site always available & high-performing

DDoS Media & entertainment Scraping

Ooreka.fr is a prominent French website which offers content and advice on daily life and practical issues. The site educates users on 450 different topics, split into eight main categories: house, money, family, health, legal rights, career, vehicle and business.

With a monthly audience of 10 million unique visitors, Ooreka is nearing the top 50 most visited sites in France. It’s also one of the top 10 media sites measured by SEO rankings.

Written by a community of independent experts, the site’s 50,000 articles provide reliable answers to visitors’ questions. Complete guides, fact sheets, videos, letter and contract templates: every subject is addressed in a simple, lively and comprehensive way. Ooreka was created in 2007 and is a brand of FineMedia, a subsidiary of the SoLocal Group.

The Problem: DoS attacks & content scraping.

Paul Marcombes is Ooreka’s CTO. When he joined the company in 2017, his team was already well familiar with the bot traffic problem.

“We’re a major content site. We knew, of course, that our content was regularly stolen,” he comments. “We were not really worried about our SEO rankings, which remain excellent, but scraping is still an undesirable phenomenon.”

Indeed, for Ooreka, the main problem related to bot activity on the site was repeated attacks: a few times every year, the site became unavailable, typically for two to three hours.

“Our legacy architecture was very monolithic,” explains Paul Marcombes. “As a result, when bots were playing around with our forms, for example, it couldn’t keep up with the interaction processing, servers were overloaded, and the site went down.”

Service interruptions are never good for the reputation of a major site, neither with its users nor with Google.

“We had, for example, an attack that consisted of sending thousands of emails from our site,” Paul Marcombes recalls. “At that time, we simply disabled the feature that enabled article sharing by email. For a different type of attack, the solution could be throttling to limit the number of posting per second. But each attack requires a different response, which means we lose time and resources.”

By the way, the bots weren’t only targeting the Ooreka website, but also its APIs.

“Any customer contact point that requires interaction could bring down the site when the bot decided to hit,” says the CTO.

The Solution: DataDome identifies & blocks harmful bots.

Since Ooreka is a subsidiary of the SoLocal group, which already used the DataDome solution, the choice was natural. And if the IT team had a minor scare when the solution was activated—they found themselves blocked, too—the situation was quickly remedied by allow-listing Ooreka’s IP.

“We soon found everything in order,” Paul Marcombes reassures. “As the dashboard shows us real-time traffic status, we can observe good bot activity, and we can see that DataDome lets them pass.”

What I really like is that I can add rules in real time. For example, Pages Jaunes [Yellow Pages] needed to hit our API. We simply asked them to use a specific user agent, the user agent was allow-listed in DataDome, and in two minutes we were all set.

Paul Marcombes, CTO at Ooreka

The reports provided by the DataDome tool also enable users to analyze the CAPTCHA fill rate. The CAPTCHA is presented to visitors that are showing suspicious behavior. On Ooreka.fr, very few CAPTCHAs are actually filled, indicating an extremely low false-positive rate: DataDome’s AI easily distinguishes humans from bots, and doesn’t penalize legitimate visitors.

The Results: No more DoS attacks; peace of mind for the IT team.

For Paul Marcombes and the Ooreka IT team, the main benefit of the DataDome solution is the end of the DoS attacks: the site isn’t made unavailable anymore.

Bots are still trying to find a way around the barriers and attack in new ways, but thanks to the database that’s shared by all DataDome customers, new threats are quickly identified. As soon as a new undesirable bot is detected on a customer site, the DataDome algorithm is updated in real time, and all sites protected by the solution are immediately safe from the new threat.

“We’re migrating ooreka.fr to a new architecture, and I don’t want to spend time on the legacy website,” notes Paul Marcombes. “Thanks to the DataDome protection, it’s no longer necessary. We’ve migrated the content, but all interactions are still on the old site, and it runs without me having to worry about it. It works, I don’t need to think about it, that’s what I appreciate.”