How to bypass Akamai

Akamai Bot Manager (BMP) protects some of the largest platforms (Nike, Amazon, Asos) and stands as one of the most sophisticated systems on the market. Unlike classic WAFs, it doesn't just ban you for rate limiting; it builds a comprehensive Trust Score, analyzing everything from the transport-layer cryptographic stack to the micro-fluctuations of mouse movements.

This article breaks down exactly how Akamai detects automation, why basic methods no longer work, and what engineering solutions are deployed to bypass these protections.

In some cases, companies have an objective need to bypass Akamai's defense mechanisms—primarily for legitimate testing, QA, business process automation, and researching the resilience of their own infrastructure. If you're interested in bypassing it, reach out via the contact form on our website, and we'll develop the optimal solution for your needs.

1. Transport Layer: The Death of JA3 and the Anatomy of JA4 Fingerprints

For a long time, bot operators relied on forging JA3 TLS fingerprints, but today, JA3 is officially dead. Modern browsers have started randomizing the order of TLS extensions on every request, making the old format completely obsolete.

Enter the JA4 format, which accounts for this randomization and deeply analyzes ClientHello packets.
Analyzing Machine Learning models (XGBoost and CatBoost) on real datasets (JA4DB) reveals that only three key parameters carry the most weight for anti-bot systems:

1. ja4_b: The hash of the supported cipher suite list (the strongest indicator).
2. cipher_count: The total number of declared ciphers.
3. ext_count: The number of TLS extensions.

The Devil is in HTTP/2 and Cross-Checking:
Even if a script perfectly spoofs JA4, Akamai uses JA4H_ab—a consistency cross-check between TLS and HTTP headers. For example, if the TLS fingerprint claims to be a legitimate desktop browser, but the HTTP request is missing the Accept-Language header, the system instantly classifies the connection as automated. Furthermore, it strictly validates the order of SETTINGS frames in the HTTP/2 protocol and the exact sequence of ClientHello extensions. Base libraries (like Python's requests or standard curl) have specific fingerprints that immediately give the bot away.

2. Environment Traps (sensor_data) and AST Interpretation

The bulk of the validation happens on the client side. The Akamai script collects a massive array of browser data (sensor_data) and sends it to the server to generate the _abck and bm_sz tokens. The script is protected by multi-layered dynamic obfuscation, Control Flow Flattening, and JS-Fuck constructs.

Among dozens of browser checks (presence of webdriver flags, Selenium and PhantomJS variables), these non-obvious traps stand out:

• The Hardware Paradox (WebGL): Akamai rigorously filters out server-grade graphics cards. To successfully generate bypass data, you must mask the GPU as a consumer solution using the ANGLE translator, for instance: ANGLE (your GPU here Direct3D11 ps_5_0 vs_5_0).
• Isolated Environments (iframes): The anti-bot creates hidden frames and uses tricks to check the environment's reaction. Due to a historical bug in Stealth plugins (which caused recursion), bot developers often overrode the srcdoc setter to ignore new values. Akamai generates a random number (rndInt), tries to set it in the frame, and immediately checks the result (frame.srcdoc !== rndInt). If the setter didn't fire, it's emulation.
• Integrity Checks (toString): If you try to hide bot traces by overriding native functions via JS, the script will call toString(), check substring positions, and perform mathematical operations on them. The slightest mismatch throws the process into an infinite loop.

How They Bypass It (AST Deobfuscation):
Technical specialists write custom Abstract Syntax Tree (AST) interpreters based on Babel and JSDOM. This allows them to step through each script node in an isolated environment, intercept toString() calls, and swap them out so they return the original, unformatted code of the security script.

3. The Math of Biometrics: The Secret of EWMA Smoothing

Analyzing mouse movements (MACT) is one of the hardest parts of the defense. Simple Bezier curves don't work well because they are too "mathematical." However, one popular mouse generator successfully fooled Akamai for about two years thanks to a mathematical fluke.

The secret lay in the Exponentially Weighted Moving Average (EWMA) with a coefficient of λ = 0.955. The algorithm generated polylines (segments with constant speed), but the EWMA function smoothed their transitions. By pure chance, this smoothing generated a velocity profile that appeared visually and mathematically indistinguishable from a human.

Asymmetric Loss Function in ML Models:
Akamai learned to reconstruct the original signal by reversing the EWMA formula to detect segments with an anomalously constant speed (variance analysis). They use Gradient Boosting Trees (like LightGBM) for classification.
The main defense innovation here is a custom loss function. To avoid blocking real buyers (False Positives), the algorithm is heavily penalized for mistakes: if the model incorrectly flags a real human as a bot, the base error is multiplied by 100. This forces the neural network to let questionable sessions pass to preserve a clean user experience.

In response, bot developers today use Machine Learning Pre-screening. They train their own models locally on Akamai flags, generate thousands of mouse movement variations, and send the anti-bot only those that the local neural network rated as 100% "human."

4. Architectural Vulnerabilities: HTTP Desync and Direct-to-Origin

WAFs and bot management systems (like Akamai Ghost) are vulnerable at the balancing architecture level.

• HTTP Request Smuggling (Desync): If the Akamai frontend and the backend (Origin) parse request boundaries differently (e.g., the simultaneous presence of Content-Length and Transfer-Encoding), an attacker can "smuggle" a malicious HTTP request inside a legitimate one (CL.TE or TE.CL vectors). Akamai Ghost passes the outer request as safe, and the backend processes the hidden payload.
• Direct-to-Origin: A basic configuration flaw. Attackers often simply find the real IP address of the server, bypassing Akamai, and send requests directly. If the backend doesn't use a strict ACL, cryptographic header signing, or mTLS, the CDN protection is completely meaningless.

5. _abck Cookie Operational Limits and Infrastructure

Generating perfect telemetry is only half the battle. The other half hits hard server limits on managing the _abck token:

• Generation Limit: If you send invalid or "dirty" sensor data, Akamai blocks the ability to generate new cookies for your IP address after just 10 attempts.
• Short Session Life: Even a validly generated _abck cookie only lives for about 5 HTTP requests. After that, it's flagged as suspicious, and the script must rebuild sensor data and renew the session.
• Infrastructure: Akamai heavily penalizes (negative Trust Score) connections from data centers (AWS, DigitalOcean, etc.). For a successful bypass, using premium rotating residential or mobile proxies is absolutely critical.

Summary: Request Forging vs. Heavy Browsers

The era of using basic Puppeteer and plugins like playwright-stealth is fading. These tools are heavy, leave deep traces in V8 and protocols (CDP), and are easily detected by Akamai's deep analysis.

The automation industry is shifting to Request Forging. Specialists deobfuscate the sensor_data collection logic, run the extracted and modified code inside lightweight, isolated environments (Node.js) to generate tokens, and send the actual network requests via specialized clients (e.g., based on Go or Rust). These clients mathematically spoof the TLS handshakes (JA4) and HTTP/2 frames of real browsers.

---

Would you like me to adjust the tone of the translation further, perhaps making it more formal or more conversational?