Anti-Bot

Overview

CloudGuard WAF's Anti-Bot engine aims at recognizing if the origin of incoming traffic to the protected web application was a human or an automatic script (such as a bot), and to allow blocking non-human activity when set to Prevent mode.

How to set up Anti-Bot

The Anti-Bot protection injects scripts to the response when a user performs a "GET" request, and uses the output of the injected script to analyze the behavior upon the "POST" request of the login page, as the user fills the login/registration forms.

A security administrator protecting a web application, needs to request the owner of the web application's API, for the following:

All URIs used to access login/registration pages (via the GET method).
All URIs used to POST the login/registration request/form.

The required data is URIs and not URLs, meaning the relative path of the GET/POST requests (without the domain name).

Once both the security administrator has both lists, the next steps are performed in the administration web application for CloudGuard WAF.

Step 2: Browse to Policy->Assets and edit the Web Application / API asset

Once the asset edit window opens, select the Anti Bot tab and click on Click to add a new Anti Bot Practice.

Click on the '+' sign in each of the 2 URI tables and add:

In the Injected URIs table - the login/registration "GET" URIs from step 1.
In the Validated URIs table - the login/registration "POST" URIs from step 1.

When making the first change to the default Web Application Best Practice's configuration such as setting URIs to activate the Web Bots security, you will be prompted to change the name of the Practice to your own custom practice name.

Step 3: Make sure the Mode of the Web Bots sub-practice is as desired

Setting the Mode to As Top Level means inheriting the primary mode of the practice.

Otherwise you can override it only for this specific sub-practice to Detect/Prevent/Disable.

Step 4: Enforce Policy

Click Enforce on the top banner of the Infinity Portal.

PreviousDDoS Protection NextAPI Protection

Last updated 2 months ago

Was this helpful?

hashtagOverview

hashtagHow to set up Anti-Bot

hashtagStep 1: Locate the exact URIs used by the login/registration forms of your web application

hashtagStep 2: Browse to Policy->Assets and edit the Web Application / API asset

hashtagStep 3: Add the list of login/registration URIs to inject scripts and URIs to validate

hashtagStep 3: Make sure the Mode of the Web Bots sub-practice is as desired

hashtagStep 4: Enforce Policy

Overview

How to set up Anti-Bot

Step 1: Locate the exact URIs used by the login/registration forms of your web application

Step 2: Browse to Policy->Assets and edit the Web Application / API asset

Step 3: Add the list of login/registration URIs to inject scripts and URIs to validate

Step 3: Make sure the Mode of the Web Bots sub-practice is as desired

Step 4: Enforce Policy