Skip to content

Getting Started

Blackwall's GateKeeper is a protective reverse proxy built around Blackwall bot and hacker detection technology. The core of the product is the Nginx web server which proxies the requests from the outer web to your server, hiding it from bots, hacker attacks, and other kinds of unwanted visitors. We use customized Nginx build that offers additional features:

  • Blackwall Nginx module
  • HTTP/3 (QUIC)
  • OpenSSL 3.0
  • TLS 1.3
  • Brotli compression
  • SSL management (Let’s Encrypt)
  • Content caching
  • L7 DDoS protection
  • Client rate limiting

Everything works out of the box. You can start using GateKeeper with zero SSH/console experience and you can manage it via web application.

Step 1 - Install GateKeeper

As a prerequisite to installing Blackwall's GateKeeper, you must have Debian installed cleanly on your system at a minmum of version 12. Then you must add the default recommended Blackwall GateKeeper Debian repository and install packages, as described in the following steps:

Need to install from the Early Access / Test repository?

For step-by-step instructions on this type of installation, see the FAQ entry How do I get Beta / Early-Access to GateKeeper?

  1. Import the Blackwall package digital signature key by executing the following two commands:

    apt-get update && apt install -y sudo curl gpg ca-certificates lsb-release apt-utils apt-transport-https

    curl -fsSL https://repo.botguard.net/botguard.gpg | gpg --dearmor > /usr/share/keyrings/botguard.gpg

  2. Add the Blackwall production repository to your system repositories by executing the following two commands:

    echo "deb [signed-by=/usr/share/keyrings/botguard.gpg] https://repo.botguard.net/debian $(lsb_release -cs) gatekeeper" | tee /etc/apt/sources.list.d/botguard-gatekeeper.list
    3. Install the latest version of Blackwall's GateKeeper by executing the following two commands in sequence:

    apt update

    apt install botguard-gatekeeper

  3. Reboot your server to apply the changes to your operating system.

Step 2 - Log in to the GateKeeper UI

Following installation, you must configure Blackwall's GateKeeper via browser.

  1. Obtain your Blackwall account API key, which is available at your Blackwall dashboard. Refer to Blackwall account credentials for guidance how to access your API key.
  2. In your browser address bar, type the IP address of the deployed GateKeeper instance that you wish to configure (http://your.instance.ip.address) and click Enter.
  3. Then, you are prompted to enter your API key or register a new Blackwall account to obtain one. Use the API key copied in Step 1.

  4. After entering a valid API key, the page refreshes and prompts you to enter the username and the password. Use your email address as the username, and your API key as the password.

    Protect your API Key

    Your key is the equivalent of a username and password that grants access to all of your website data. Treat it as carefully as any other password. Blackwall strongly recommends that you never use your API Key in your browser. It's only intended for use when accessing the API programmatically.

Step 3 - Protect Your First Site

Domain validation

When adding a website through the API or in the user interface (UI), BotGuard now validates the domain to ensure that it is active and resolvable. Attempting to add a non-existent domain will result in an error. Additionally, DNS records must be updated to verify domain ownership. Anyone who has the API key can add any website to their account, but nothing happens until the domain owner changes the DNS values. This approach aligns with industry practices, as domain validation is essential to confirm ownership and functionality before proceeding.

To proceed with domain setup, refer to Adding a Domain documentation.

Feedback