Browser Fingerprinting: Cách Websites Phát Hiện Bots

Trở lại Tin tức
Tin tức
admin
February 4, 2026

Browser Fingerprinting: Cách Websites Phát Hiện Bots

Websites dùng browser fingerprinting để detect bots. Bài viết giải thích cách fingerprinting hoạt động và cách bypass.

Fingerprint Là Gì?

Fingerprint là tập hợp các đặc điểm unique của browser:

  • Canvas fingerprint
  • WebGL fingerprint
  • Audio fingerprint
  • Font list
  • Screen resolution
  • Timezone, language
  • Navigator properties

Các Tín Hiệu Bot Detection

// Websites check những thứ này:

// 1. WebDriver flag
navigator.webdriver  // true = automated

// 2. Missing plugins
navigator.plugins.length  // 0 = suspicious

// 3. Headless indicators
navigator.languages  // empty = headless

// 4. Automation tools
window.chrome  // undefined = not real Chrome
window._phantom  // PhantomJS

// 5. Inconsistent screen size
screen.width === 0  // headless

Canvas Fingerprinting

// Websites render hidden canvas và hash kết quả
function getCanvasFingerprint() {
    const canvas = document.createElement('canvas');
    const ctx = canvas.getContext('2d');
    
    ctx.textBaseline = 'top';
    ctx.font = '14px Arial';
    ctx.fillText('Hello, world!', 2, 2);
    
    return canvas.toDataURL();
}
// Mỗi browser/system tạo ra hash khác nhau

Playwright Stealth Mode

from playwright.sync_api import sync_playwright
from playwright_stealth import stealth_sync

with sync_playwright() as p:
    browser = p.chromium.launch(headless=True)
    page = browser.new_page()
    
    # Apply stealth
    stealth_sync(page)
    
    page.goto('https://bot.sannysoft.com')
    page.screenshot(path='stealth_test.png')
    browser.close()

Puppeteer Stealth

const puppeteer = require('puppeteer-extra');
const StealthPlugin = require('puppeteer-extra-plugin-stealth');

puppeteer.use(StealthPlugin());

(async () => {
    const browser = await puppeteer.launch({headless: true});
    const page = await browser.newPage();
    
    await page.goto('https://bot.sannysoft.com');
    await page.screenshot({path: 'test.png'});
    await browser.close();
})();

Manual Fingerprint Spoofing

from playwright.sync_api import sync_playwright

with sync_playwright() as p:
    browser = p.chromium.launch(
        headless=True,
        args=[
            '--disable-blink-features=AutomationControlled',
        ]
    )
    
    context = browser.new_context(
        viewport={'width': 1920, 'height': 1080},
        user_agent='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
        locale='vi-VN',
        timezone_id='Asia/Ho_Chi_Minh',
    )
    
    page = context.new_page()
    
    # Override webdriver
    page.add_init_script("""
        Object.defineProperty(navigator, 'webdriver', {
            get: () => undefined
        });
    """)

Undetected ChromeDriver

import undetected_chromedriver as uc

driver = uc.Chrome(headless=True)
driver.get('https://nowsecure.nl')
# Passes most bot detection

Best Practices

  • Dùng real browser fingerprints
  • Rotate fingerprints với sessions
  • Match fingerprint với proxy location
  • Human-like behavior (mouse, scroll)

VinaProxy + Anti-Fingerprinting

  • Residential IPs match real users
  • Consistent geo-fingerprints
  • Giá chỉ $0.5/GB

Dùng Thử Ngay →

admin