Anti-Bot
This feature is available exclusively with an open-appsec Premium subscription.
open-appsec's Web Bots engine aims to recognize whether incoming traffic to the protected web application originates from a human or from an automated script (such as a bot), and to block non-human activity when set to Prevent mode.
How to set up open-appsec Anti-Bot
Step 1: Locate the exact URLs used by the login/registration forms of your web application
The Anti-Bot protection injects scripts into the response to a "GET" request for the login/registration page, and uses the output of the injected script, collected while the user fills in the form, to analyze the behavior when the login/registration "POST" request is sent.
A security administrator protecting a web application needs to request the following from the owner of the web application's API:
All URIs used to access login/registration pages (via the GET method).
All URIs used to POST the login/registration request/form.
The required data consists of URIs, not URLs: the relative path of each GET/POST request, without the domain name.
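One practical way to assemble the two lists from Step 1 is to mine the application's access logs. The helper below is an added example and not part of open-appsec or this page; the log lines are constructed, and the keyword-based heuristic for spotting login/registration paths (LOGIN_HINT_RE) is a hypothetical starting point that should be confirmed with the application owner. It normalizes full URLs and query strings down to the bare relative path the URI tables expect and splits the results by HTTP method.

```python
import re
from urllib.parse import urlsplit

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Oct/2023:13:55:36 +0000] "GET /account/login?next=%2Fdashboard HTTP/1.1" 200 5120
203.0.113.10 - - [10/Oct/2023:13:55:41 +0000] "POST /account/login HTTP/1.1" 302 0
198.51.100.7 - - [10/Oct/2023:13:56:02 +0000] "GET https://shop.example.com/register HTTP/1.1" 200 4096
198.51.100.7 - - [10/Oct/2023:13:56:30 +0000] "POST /api/v1/register HTTP/1.1" 201 88
203.0.113.22 - - [10/Oct/2023:13:57:00 +0000] "GET /static/app.js HTTP/1.1" 200 77000
203.0.113.22 - - [10/Oct/2023:13:57:05 +0000] "GET /account/login/ HTTP/1.1" 200 5120
"""

# Pulls the method and request-target out of the quoted request line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Hypothetical heuristic: path segments that commonly name login/registration endpoints.
LOGIN_HINT_RE = re.compile(r'/(login|signin|sign-in|register|signup|sign-up)(/|$)', re.IGNORECASE)


def to_uri(target: str) -> str:
    """Reduce an absolute URL or request-target to the relative path the tables expect:
    no scheme or host, no query string, and no trailing slash (except for the root)."""
    path = urlsplit(target).path or "/"
    return path.rstrip("/") or "/"


def collect_login_uris(log_text: str) -> dict:
    """Return {'injected': sorted GET URIs, 'validated': sorted POST URIs}."""
    injected, validated = set(), set()
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        uri = to_uri(m.group("target"))
        if not LOGIN_HINT_RE.search(uri):
            continue  # Not a login/registration path; ignore static assets etc.
        if m.group("method") == "GET":
            injected.add(uri)    # Candidates for the Injected URIs table
        elif m.group("method") == "POST":
            validated.add(uri)   # Candidates for the Validated URIs table
    return {"injected": sorted(injected), "validated": sorted(validated)}


if __name__ == "__main__":
    lists = collect_login_uris(SAMPLE_LOG)
    print("Injected URIs (GET): ", lists["injected"])
    print("Validated URIs (POST):", lists["validated"])
```

Note that a GET and a POST URI can be identical (as with /account/login above); each still goes into its own table.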
Once the security administrator has both lists, the next steps are performed in the administration web application for CloudGuard AppSec.
Step 2: Browse to Assets and edit the Web Application asset
Once the asset edit window opens, select the "Anti Bot" tab and create a new "Anti Bot" practice.

Step 3: Add the list of login/registration URIs to inject scripts and URIs to validate
Click the '+' sign in each of the two URI tables and add:
In the Injected URIs table - the login/registration "GET" URIs from step 1.
In the Validated URIs table - the login/registration "POST" URIs from step 1.
Step 4: Make sure the Mode of the Web Bots sub-practice is as desired
Setting the Mode to As Top Level means inheriting the primary mode of the practice.
Otherwise, you can override the mode for this specific sub-practice only, setting it to Detect, Prevent or Disable.
Step 5: Enforce Policy
Click Enforce above the top banner of the open-appsec portal.