Bot Protection

Overview

The Anti-Bot module detects and mitigates automated traffic that may negatively impact applications, such as crawlers, scanners, brute-force bots, or scripted clients.

It provides monitoring and verification mechanisms to distinguish between legitimate human users and automated tools.

The Anti-Bot page displays all IP addresses that triggered bot-detection checks on any protected application.

Anti-Bot Logs Overview

This page lists detection events generated by the Anti-Bot engine.

Each row represents bot-like activity from a specific IP address interacting with a specific application.

For each event, the system displays:

• IP address

• Country of origin

• Targeted application

• Detection details (Hits / Verified)

• Duration of the bot activity

• Start time of the detection event

This overview allows administrators to quickly identify suspicious automated traffic patterns.

Detection Details

Each Anti-Bot event includes two key metrics:

Hits

The number of times an IP address triggered Anti-Bot detection checks.

Hits increase when client behavior resembles automation, such as:

• Sending too many requests in a short period

• Accessing suspicious or sensitive endpoints

• Missing or abnormal browser fingerprints

• Unusual or malformed HTTP header patterns

Verified

The number of times the Anti-Bot system successfully verified that the client was a real human, not a bot.

Verification methods may include:

• Browser challenge tests

• Behavioral analysis

• Fingerprint validation

If the Verified count is significantly lower than Hits, the traffic is likely automated.

Filters

Users can refine the displayed Anti-Bot events using the following filters:

IP Address

Filter results for a specific client IP.

Application

Display bot activity for a selected protected application only.

Start At / End At

Limit results to a specific date and time range.

Clear Filters

Reset all filters and return to the full list.

These filters help narrow down bot-related traffic for faster investigation.

Table Columns Explained

IP Address

The client IP generating bot-like behavior. Geolocation information is included to help identify foreign or suspicious sources.

Application

The application that the IP attempted to access during bot detection.

Detail

Displays:

• Total number of Anti-Bot detection Hits

• Total number of Verified human interactions

This provides a quick, at-a-glance assessment of whether the traffic is likely legitimate or automated.

Duration

The total time span during which the Anti-Bot event occurred.

Start At

The timestamp when the Anti-Bot system first detected suspicious automated activity.