Action
The bot management module provides multiple action methods. The processing rules for different action methods are as follows:
| Action | Purpose | Action description | Subsequent action |
| --- | --- | --- | --- |
| Block | Used to block request access to the site (including cached or non-cached content). | Responds with an intercept page and intercept status code. | No longer matches other rules. |
| Allow | Used to skip the remaining rules of the current security module. | In the current module, the remaining rules no longer match the request. | Continues to match other effective rules. |
| Observe | Used for evaluating or canary-testing a security policy. | Only records a log entry; takes no action. | Continues to match other rules. |
| JavaScript challenge | Used to identify clients that do not support JavaScript (see Note 1), commonly found in DDoS attack sources, scanning tools, etc. | Responds with a redirect (HTTP 302) page that carries JavaScript code to verify the browser behavior of the client; only visitors who pass the verification can continue to access. | Requests that pass the challenge continue to match other rules. |
| Managed challenge | Used for bot confrontation: first performs JavaScript challenge verification, then performs CAPTCHA human-machine verification for requests that pass it. | First performs a JavaScript challenge; for clients that pass the verification, responds with a redirect (HTTP 302) page that carries a CAPTCHA verification, which the user completes through interactive operation. Only visitors who pass both verifications can continue to access. | Requests that pass the challenge continue to match other rules. |
| Drop w/o response | Belongs to a more intense bot confrontation mechanism, limiting bot concurrency by consuming the bot's network connections. | Maintains the TCP connection but no longer responds with any HTTP data. | No longer matches other management strategies. |
| Add short latency | | Randomly waits 1-5 seconds before responding. | No longer matches other management strategies. |
| Add long latency | | Randomly waits 8-10 seconds before responding. | No longer matches other management strategies. |
Note:
Note 1:
Browser clients that support JavaScript can normally pass the JavaScript challenge verification, while clients that do not support JavaScript (such as cURL) cannot pass the verification.
Note 2:
Generally speaking, when bot operators detect that their bots are being restricted by bot management policies, they may adjust the characteristics of their bots to bypass those policies, which makes bot identification more difficult. Therefore, bot confrontation mechanisms intended for long-term operation usually have obfuscation features, that is, they make it difficult for bot operators to intuitively judge whether their bots are being restricted by bot management policies. Confrontation mechanisms with obfuscation features can reduce the cost and difficulty of bot operators without increasing the difficulty of bot identification.
Supports multiple action methods for random execution
Random execution of multiple action methods can help your bot management strategy achieve higher obfuscation intensity, making it more difficult for bot operators to detect. Custom bot rules support the use of multiple action methods to handle requests, and you can configure multiple action methods and their corresponding weights. When the rule matches the request, one of the action methods will be randomly selected for processing based on the weight configuration.
Note:
This capability is only available for configuration within custom bot rules.
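The "Subsequent action" column and the weighted random selection described above can be modelled together in a few lines. This is an added example, not the product's own code or API: the action labels, the request fields (`path`, `bot_score`, `ua`, `passes_challenge`) and the sample rules are all assumptions constructed for illustration.

```python
import random
from collections import Counter

# Labels for the table's rows; assumed names, not product API values.
CHALLENGES = {"js_challenge", "managed_challenge"}

def pick_action(weighted_actions, rng):
    """Choose one action from [(action, weight), ...] in proportion to its weight."""
    actions, weights = zip(*weighted_actions)
    return rng.choices(actions, weights=weights, k=1)[0]

def evaluate(request, rules, rng):
    """Apply one module's rules in order; return (outcome, log of (rule, action))."""
    log = []
    for name, matches, weighted_actions in rules:
        if not matches(request):
            continue
        action = pick_action(weighted_actions, rng)
        log.append((name, action))
        if action == "observe":
            continue                      # log only, keep matching
        if action in CHALLENGES:
            if request["passes_challenge"]:
                continue                  # verified clients keep matching
            return "challenge_failed", log
        return action, log                # block/allow/drop/latency end matching
    return "pass", log

# Constructed sample rules: (name, predicate, weighted actions).
RULES = [
    ("log-all", lambda r: True, [("observe", 1)]),
    ("verify-login", lambda r: r["path"] == "/login", [("js_challenge", 1)]),
    ("suspected-bot", lambda r: r["bot_score"] >= 80,
     [("drop", 50), ("long_latency", 30), ("short_latency", 20)]),
    ("empty-ua", lambda r: r["ua"] == "", [("block", 1)]),
]

def simulate(request, n=10000, seed=7):
    """Outcome counts over n evaluations of the same request (seeded for repeatability)."""
    rng = random.Random(seed)
    return Counter(evaluate(request, RULES, rng)[0] for _ in range(n))

if __name__ == "__main__":
    bot = {"path": "/api", "bot_score": 95, "ua": "", "passes_challenge": False}
    print(simulate(bot))  # mix of drop / long_latency / short_latency, never block
```

Because the weighted rule's actions all end matching, the later `empty-ua` block rule never fires for the sample bot request, so the same client sees a varying mix of dropped and delayed responses rather than one consistent intercept page.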