# Anti-Bot

{% hint style="success" %}
This feature is available exclusively with an open-appsec Premium subscription.
{% endhint %}

open-appsec's **Web Bots** engine aims to recognize whether incoming traffic to the protected web application originates from a human or from an automated script (such as a bot), and allows blocking non-human activity when set to **Prevent** mode.

## How to set up open-appsec Anti-Bot

#### Step 1: Locate the exact URLs used by the login/registration forms of your web application

The Anti-Bot protection injects scripts into the response when a user performs a "GET" request, and uses the output of the injected script to analyze the behavior upon the "POST" request of the login page, as the user fills in the login/registration forms.

A security administrator protecting a web application needs to ask the owner of the web application's API for the following:

* All **URIs** used to access login/registration pages (via the GET method).
* All **URIs** used to POST the login/registration request/form.

{% hint style="warning" %}
The required data is URIs and not URLs, meaning the relative path of the GET/POST requests (without the domain name).
{% endhint %}

Once the security administrator has both lists, the next steps are performed in the administration web application for CloudGuard AppSec.

#### Step 2: Browse to Assets and edit the Web Application asset

Once the asset edit window opens, select the "**Anti Bot**" tab and create a new "**Anti Bot**" practice.

<figure><img src="/files/gWllZvC902SJNX1lsEEb" alt=""><figcaption></figcaption></figure>

#### Step 3: Add the list of login/registration URIs to inject scripts and URIs to validate

Click on the '**+**' sign in each of the 2 URI tables and add:

* In the **Injected URIs** table - the login/registration "GET" URIs from step 1.
* In the **Validated URIs** table - the login/registration "POST" URIs from step 1.
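
The endpoint list from step 1 can be normalized into the two tables with a short script before it is entered in the portal. This is an added example, not part of open-appsec: the inventory format, host names and function names are constructed for illustration, and dropping the query string to keep only the path is an assumption.

```python
from urllib.parse import urlsplit

# Constructed sample: (form, HTTP method, URL as received from the application owner).
SAMPLE_INVENTORY = [
    ("login", "GET", "https://shop.example.com/account/login"),
    ("login", "POST", "https://shop.example.com/api/v1/session"),
    ("register", "get", "https://shop.example.com/account/register?lang=en"),
    ("register", "POST", "/api/v1/users"),
    ("reset", "POST", "https://shop.example.com/api/v1/password-reset"),
]


def to_uri(url):
    """Return the relative path of a URL, without scheme or domain name.

    Assumption: query string and fragment are dropped, leaving only the path.
    """
    path = urlsplit(url.strip()).path
    if not path.startswith("/"):
        # e.g. "shop.example.com/login": no scheme, so the host lands in the path
        raise ValueError(f"cannot derive a relative path from {url!r}")
    return path


def build_tables(inventory):
    """Split an endpoint inventory into Injected (GET) and Validated (POST) URIs."""
    injected, validated, methods_by_form = [], [], {}
    for form, method, url in inventory:
        method = method.upper()
        if method not in ("GET", "POST"):
            raise ValueError(f"unexpected method {method!r} for form {form!r}")
        uri = to_uri(url)
        table = injected if method == "GET" else validated
        if uri not in table:  # keep order, skip duplicates
            table.append(uri)
        methods_by_form.setdefault(form, set()).add(method)
    # A form needs both a GET page (script injection) and a POST target (validation).
    incomplete = sorted(f for f, m in methods_by_form.items() if m != {"GET", "POST"})
    return injected, validated, incomplete


if __name__ == "__main__":
    injected, validated, incomplete = build_tables(SAMPLE_INVENTORY)
    print("Injected URIs: ", injected)
    print("Validated URIs:", validated)
    print("Forms missing a GET or POST entry:", incomplete)
```

Forms reported as incomplete are worth raising with the application owner before enforcing policy, since the POST analysis relies on the output of the script injected on the GET request.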

#### Step 4: Make sure the Mode of the Web Bots sub-practice is as desired

Setting the Mode to **As Top Level** means inheriting the primary mode of the practice.

Otherwise, you can override the mode for this specific sub-practice only, setting it to **Detect**/**Prevent**/**Disable**.

#### Step 5: Enforce Policy

Click **Enforce** above the top banner of the open-appsec portal.


