Edge Security
  • Overview
  • DDoS Protection
    • DDoS Protection Overview
    • Exclusive DDoS Protection Usage
    • Configuration of Exclusive DDoS protection Rules
      • Increase DDoS Protection Level
      • Exclusive DDoS Traffic Alarm
      • Configuration IP blocklist/allowlist
      • Configuration Region Blocking Rule
      • Configuration Port Filtering
      • Configuration Features Filtering
      • Configuration Protocol Blocking Rule
      • Configuration Connections Attack Protection
      • Related References
        • Action
        • Related Concepts Introduction
  • Web Protection
    • Overview
    • Managed rules
    • CC attack defense
    • Custom rule
    • Custom Rate Limiting Rules
    • Exception Rules
    • Managed Custom Rules
    • Web security monitoring alarm
    • Refer
      • Web Protection Request Processing Order
      • Action
      • Match Condition
  • Bot Management
    • Overview
    • Bot Intelligent analysis
    • Bot Basic Feature Management
    • Client Reputation
    • Active Detection
    • Custom Bot Rule
    • Bot Exception Rule
    • Related References
      • Action
  • Rules Template
  • IP and IP Segment Grouping
  • Origin Protection
  • Custom Response Page
  • Alarm Notification
  • SSL/TLS
    • Overview
    • Deploying/Updating SSL Certificate for A Domain Name
    • Configuring A Free Certificate for A Domain Name
    • HTTPS Configuration
      • Forced HTTPS Access
      • Enabling HSTS
      • SSL/TLS Security Configuration
        • Configuring SSL/TLS Security
        • TLS Versions and Cipher Suites
      • Enabling OCSP Stapling

Bot Exception Rule

Overview

The bot management exception rules provide an allowlist configuration option for the bot management module, allowing for quick configuration to release valid bot access. Once released, all other bot rule modules will be skipped, avoiding valid requests being disposed of by other bot rules.
Note:
This function is only supported by subscribing to the EdgeOne bot management option.

Scenario: Releasing valid monitoring tool requests

Example Scenario

In order to check the operation of the domain name api.example.com, a monitoring tool is deployed on a device with a client IP of 12.12.12.12, periodically accessing the API and observing service performance and availability. Since the monitoring tool does not have a complete browser kernel, it mainly uses the cURL external tool library for access, and has periodic high-frequency access characteristics. To avoid the monitoring tool being blocked wrongly, its features can be added to the bot management exception rules.

Directions

1. Log in to the EdgeOne console and click Site List in the left sidebar. In the site list, click the target site to enter the site details page.
2. On the site details page, click Security Protection > Bot Management to enter the bot management details page.
3. In the exception rules of bot management, click Set to enter the exception rule setting page.



4. Click Add Rule, enter the rule name, select the match condition as the client IP matching 12.12.12.12, and perform the action to skip all bot management module rules.



5. Click OK to issue and make the exception rule effective.