A security device operating as a reverse proxy may detect malicious actions from a user. In such a case, the security device may alter communications between a client device, associated with the malicious user, and a server device (e.g., a web server), such that that malicious user is thwarted. For example, the security device may block the malicious user.