diff --git a/public/__redirects b/public/__redirects index e58786e463b88a6..54d39502bcde819 100644 --- a/public/__redirects +++ b/public/__redirects @@ -178,16 +178,27 @@ /api-shield/security/sequential-abuse-detection/ /api-shield/security/sequence-analytics/ 301 # bots -/bots/about/javascript-detections/ /bots/reference/javascript-detections/ 301 /bots/about/plans/ /bots/plans/ 301 /bots/about/plans/biz-and-ent/ /bots/plans/biz-and-ent/ 301 /bots/about/plans/bm-subscription/ /bots/plans/bm-subscription/ 301 /support/firewall/tools/cloudflare-bot-products-faqs/ /bots/troubleshooting/ 301 /support/other-languages/deutsch/cloudflare-bot/ /bots/troubleshooting/ 301 -/bots/concepts/ja3-fingerprint/ /bots/concepts/ja3-ja4-fingerprint/ 301 /bots/reference/verified-bot-categories/ /bots/concepts/bot/verified-bots/categories/ 301 /bots/reference/verified-bot-policy/ /bots/concepts/bot/verified-bots/policy/ 301 /bots/concepts/challenge-solve-rate/ /fundamentals/security/cloudflare-challenges/challenge-solve-rate/ 301 +/bots/concepts/detection-ids/ /bots/additional-configurations/detection-ids/ 301 +/bots/concepts/ja3-ja4-fingerprint/ /bots/additional-configurations/ja3-ja4-fingerprint/ 301 +/bots/concepts/signals-intelligence/ /bots/additional-configurations/ja3-ja4-fingerprint/signals-intelligence/ 301 +/bots/reference/javascript-detections/ /bots/additional-configurations/javascript-detections/ 301 +/bots/concepts/sequence-rules/ /bots/additional-configurations/sequence-rules/ 301 +/bots/reference/static-resources/ /bots/additional-configurations/static-resources/ 301 +/bots/bot-analytics/biz-and-ent/ /bots/bot-analytics/ 301 +/bots/bot-analytics/bm-subscription/ /bots/bot-analytics/ 301 +/bots/concepts/cloudflare-bot-tags/ /bots/concepts/bot-tags/ 301 +/bots/get-started/biz-and-ent/ /bots/get-started/super-bot-fight-mode/ 301 +/bots/get-started/free/ /bots/get-started/bot-fight-mode/ 301 +/bots/get-started/bm-subscription/ /bots/get-started/bot-management/ 301 +/bots/get-started/pro/ /bots/get-started/super-bot-fight-mode/ 301 #browser-rendering /browser-rendering/get-started/browser-rendering-with-do/ /browser-rendering/workers-binding-api/browser-rendering-with-do/ 301 diff --git a/src/content/docs/api-shield/security/sequence-mitigation/custom-rules.mdx b/src/content/docs/api-shield/security/sequence-mitigation/custom-rules.mdx index 7d638da95cd26d1..83478b4662c8b89 100644 --- a/src/content/docs/api-shield/security/sequence-mitigation/custom-rules.mdx +++ b/src/content/docs/api-shield/security/sequence-mitigation/custom-rules.mdx @@ -10,7 +10,7 @@ import { GlossaryTooltip, Render } from "~/components" API Shield sequence custom rules use the configured API Shield session identifier to track the order of requests a user has made and the time between requests, and makes them available via [Cloudflare Rules](/rules). This allows you to write rules that match valid or invalid sequences. -These rules are different from [cookie sequence rules](/bots/concepts/sequence-rules/) in a few ways: +These rules are different from [cookie sequence rules](/bots/additional-configurations/sequence-rules/) in a few ways: - They only require an API Shield subscription. - They require [session identifiers](/api-shield/get-started/#session-identifiers) to be set in API Shield. diff --git a/src/content/docs/bots/concepts/detection-ids.mdx b/src/content/docs/bots/additional-configurations/detection-ids.mdx similarity index 99% rename from src/content/docs/bots/concepts/detection-ids.mdx rename to src/content/docs/bots/additional-configurations/detection-ids.mdx index d9b657f4d2e1f1a..d7f9686da74a17e 100644 --- a/src/content/docs/bots/concepts/detection-ids.mdx +++ b/src/content/docs/bots/additional-configurations/detection-ids.mdx @@ -1,7 +1,8 @@ --- pcx_content_type: concept title: Detection IDs - +sidebar: + order: 2 --- import { Render } from "~/components" diff --git a/src/content/docs/bots/additional-configurations/index.mdx b/src/content/docs/bots/additional-configurations/index.mdx new file mode 100644 index 000000000000000..f27457ba3fa66e7 --- /dev/null +++ b/src/content/docs/bots/additional-configurations/index.mdx @@ -0,0 +1,16 @@ +--- +title: Additional configurations +pcx_content_type: navigation +sidebar: + order: 5 + group: + hideIndex: true +head: + - tag: title + content: Additional Bots configurations + +--- + +import { DirectoryListing } from "~/components" + + diff --git a/src/content/docs/bots/concepts/ja3-ja4-fingerprint.mdx b/src/content/docs/bots/additional-configurations/ja3-ja4-fingerprint/index.mdx similarity index 97% rename from src/content/docs/bots/concepts/ja3-ja4-fingerprint.mdx rename to src/content/docs/bots/additional-configurations/ja3-ja4-fingerprint/index.mdx index 65da4e485388f2d..a92e49b8ce44e6b 100644 --- a/src/content/docs/bots/concepts/ja3-ja4-fingerprint.mdx +++ b/src/content/docs/bots/additional-configurations/ja3-ja4-fingerprint/index.mdx @@ -1,6 +1,8 @@ --- pcx_content_type: concept title: JA3/JA4 fingerprint +sidebar: + order: 1 --- @@ -78,7 +80,7 @@ This sample was generated using [Workers' Cloudflare Object script](/workers/exa To get more information about potential bot requests, use these JA3 and JA4 fingerprints in: -- [Bot Analytics](/bots/bot-analytics/bm-subscription/) +- [Bot Analytics](/bots/bot-analytics/#enterprise-bot-management) - [Security Events](/waf/analytics/security-events/) and [Security Analytics](/waf/analytics/security-analytics/) - [Analytics GraphQL API](/analytics/graphql-api/), specifically the **HTTP Requests** dataset - [Logs](/logs/reference/log-fields/zone/http_requests/) diff --git a/src/content/docs/bots/concepts/signals-intelligence.mdx b/src/content/docs/bots/additional-configurations/ja3-ja4-fingerprint/signals-intelligence.mdx similarity index 91% rename from src/content/docs/bots/concepts/signals-intelligence.mdx rename to src/content/docs/bots/additional-configurations/ja3-ja4-fingerprint/signals-intelligence.mdx index 14bc77c0d20c49b..accf1a3b59a9872 100644 --- a/src/content/docs/bots/concepts/signals-intelligence.mdx +++ b/src/content/docs/bots/additional-configurations/ja3-ja4-fingerprint/signals-intelligence.mdx @@ -1,12 +1,13 @@ --- pcx_content_type: concept title: Signals Intelligence - +sidebar: + order: 1 --- import { Render } from "~/components" -For every available [JA4 fingerprint](/bots/concepts/ja3-ja4-fingerprint/), Bot Management customers can view how Cloudflare sees it on the Internet and what behavior we view with the fingerprint. This data can help you understand why a request is scored in a particular fashion or allow you to use the aggregate data in your own ML models, run in either [Cloudflare Workers](/workers/) or at the origin location. +For every available [JA4 fingerprint](/bots/additional-configurations/ja3-ja4-fingerprint/), Bot Management customers can view how Cloudflare sees it on the Internet and what behavior we view with the fingerprint. This data can help you understand why a request is scored in a particular fashion or allow you to use the aggregate data in your own ML models, run in either [Cloudflare Workers](/workers/) or at the origin location. Specifically, for each JA4 fingerprint, you will be able to access the following information: diff --git a/src/content/docs/bots/reference/javascript-detections.mdx b/src/content/docs/bots/additional-configurations/javascript-detections.mdx similarity index 98% rename from src/content/docs/bots/reference/javascript-detections.mdx rename to src/content/docs/bots/additional-configurations/javascript-detections.mdx index cec48aeb22b45c8..26b515ec427d31a 100644 --- a/src/content/docs/bots/reference/javascript-detections.mdx +++ b/src/content/docs/bots/additional-configurations/javascript-detections.mdx @@ -2,8 +2,8 @@ type: overview pcx_content_type: reference title: JavaScript detections -weight: 0 - +sidebar: + order: 6 --- import { Render } from "~/components" diff --git a/src/content/docs/bots/concepts/sequence-rules.mdx b/src/content/docs/bots/additional-configurations/sequence-rules.mdx similarity index 98% rename from src/content/docs/bots/concepts/sequence-rules.mdx rename to src/content/docs/bots/additional-configurations/sequence-rules.mdx index 3855ee3bbfda1e4..4880c8cb61f730c 100644 --- a/src/content/docs/bots/concepts/sequence-rules.mdx +++ b/src/content/docs/bots/additional-configurations/sequence-rules.mdx @@ -1,12 +1,13 @@ --- pcx_content_type: reference title: Sequence rules - +sidebar: + order: 4 --- import { Render } from "~/components" - + Sequence rules is currently in private beta. If you would like to be included in the beta, contact your account team. diff --git a/src/content/docs/bots/reference/static-resources.mdx b/src/content/docs/bots/additional-configurations/static-resources.mdx similarity index 98% rename from src/content/docs/bots/reference/static-resources.mdx rename to src/content/docs/bots/additional-configurations/static-resources.mdx index dd3a63c80432642..33245a9da35b2f8 100644 --- a/src/content/docs/bots/reference/static-resources.mdx +++ b/src/content/docs/bots/additional-configurations/static-resources.mdx @@ -1,7 +1,8 @@ --- pcx_content_type: reference title: Static resource protection -weight: 0 +sidebar: + order: 7 --- diff --git a/src/content/docs/bots/bot-analytics/biz-and-ent.mdx b/src/content/docs/bots/bot-analytics.mdx similarity index 54% rename from src/content/docs/bots/bot-analytics/biz-and-ent.mdx rename to src/content/docs/bots/bot-analytics.mdx index 248a854a3fd1d32..b8c7c4d88e98ede 100644 --- a/src/content/docs/bots/bot-analytics/biz-and-ent.mdx +++ b/src/content/docs/bots/bot-analytics.mdx @@ -1,25 +1,27 @@ --- -title: Business -pcx_content_type: reference +title: Bot Analytics +pcx_content_type: navigation sidebar: - order: 3 + order: 5 head: - tag: title - content: Super Bot Fight Mode (Business) Analytics + content: Cloudflare Bot Analytics --- import { GlossaryTooltip, Render } from "~/components" +## Business and Enterprise + Business and Enterprise customers without Bot Management can use **Bot Analytics** to dynamically examine bot traffic. These dashboards offer less functionality than Bot Management for Enterprise but still help you understand bot traffic on your domain. -## Access +### Access To use Bot Analytics, open the Cloudflare dashboard and select **Security** > **Bots**. ![View Bot Analytics in the Cloudflare dashboard. For more details, keep reading.](~/assets/images/bots/bot-analytics-dashboard-biz.png) -## Features +### Features For a full tour of Bot Analytics, see [our blog post](https://blog.cloudflare.com/introducing-bot-analytics/). At a high level, the tool includes: @@ -31,7 +33,7 @@ Bot Analytics shows up to 72 hours of data at a time and can display data up to -## Common uses +### Common uses Business and Enterprise customers without Bot Management can use Bot Analytics to: @@ -39,4 +41,35 @@ Business and Enterprise customers without Bot Management can use Bot Analytics t - Study recent attacks to find trends and detailed information - Learn more about Cloudflare’s detection engines with real data -For more details and granular control over bot traffic, consider upgrading to [Bot Management for Enterprise](/bots/bot-analytics/bm-subscription/). +For more details and granular control over bot traffic, consider upgrading to [Bot Management for Enterprise](/bots/bot-analytics/#enterprise-bot-management). + +## Enterprise Bot Management + +Enterprise customers with Bot Management can use **Bot Analytics** to dynamically examine bot traffic. + +### Access + +To use Bot Analytics, open the Cloudflare dashboard and select **Security** > **Bots**. + +![View Bot Analytics in the Cloudflare dashboard. For more details, keep reading.](~/assets/images/bots/bot-analytics-dashboard-ent.png) + +### Features + + + + + +### Common uses + +Bot Management customers can use Bot Analytics to: + +- Understand traffic during [your onboarding phase](/bots/get-started/bot-management/). +- Tune WAF custom rules to be effective but not overly aggressive. +- Study recent attacks to find trends and detailed information. +- Learn more about Cloudflare’s detection engines with real data. + +### API + +Data from Bot Analytics is also available via the GraphQL API. You can access bot scores, bot sources, bot tags, and bot _decisions_ (_automated_, _likely automated_, etc.), and more. + +Read the [GraphQL Analytics API documentation](/analytics/graphql-api/) for more information about GraphQL and basic querying. diff --git a/src/content/docs/bots/bot-analytics/bm-subscription.mdx b/src/content/docs/bots/bot-analytics/bm-subscription.mdx deleted file mode 100644 index e9c35978f24670d..000000000000000 --- a/src/content/docs/bots/bot-analytics/bm-subscription.mdx +++ /dev/null @@ -1,41 +0,0 @@ ---- -title: Enterprise Bot Management -pcx_content_type: reference -sidebar: - order: 4 -head: - - tag: title - content: Bot Management for Enterprise Analytics - ---- - -import { GlossaryTooltip, Render } from "~/components" - -Enterprise customers with Bot Management can use **Bot Analytics** to dynamically examine bot traffic. - -## Access - -To use Bot Analytics, open the Cloudflare dashboard and select **Security** > **Bots**. - -![View Bot Analytics in the Cloudflare dashboard. For more details, keep reading.](~/assets/images/bots/bot-analytics-dashboard-ent.png) - -## Features - - - - - -## Common uses - -Bot Management customers can use Bot Analytics to: - -- Understand traffic during [your onboarding phase](/bots/get-started/bm-subscription/). -- Tune WAF custom rules to be effective but not overly aggressive. -- Study recent attacks to find trends and detailed information. -- Learn more about Cloudflare’s detection engines with real data. - -## API - -Data from Bot Analytics is also available via the GraphQL API. You can access bot scores, bot sources, bot tags, and bot _decisions_ (_automated_, _likely automated_, etc.), and more. - -Read the [GraphQL Analytics API documentation](/analytics/graphql-api/) for more information about GraphQL and basic querying. diff --git a/src/content/docs/bots/bot-analytics/index.mdx b/src/content/docs/bots/bot-analytics/index.mdx deleted file mode 100644 index 339e00e219e65eb..000000000000000 --- a/src/content/docs/bots/bot-analytics/index.mdx +++ /dev/null @@ -1,16 +0,0 @@ ---- -title: Bot Analytics -pcx_content_type: navigation -sidebar: - order: 5 -head: - - tag: title - content: Cloudflare Bot Analytics - ---- - -import { DirectoryListing } from "~/components" - -Business and Enterprise customers can use **Bot Analytics** to dynamically examine bot traffic. - - diff --git a/src/content/docs/bots/concepts/bot-detection-engines.mdx b/src/content/docs/bots/concepts/bot-detection-engines.mdx new file mode 100644 index 000000000000000..9a39b2f93137dd7 --- /dev/null +++ b/src/content/docs/bots/concepts/bot-detection-engines.mdx @@ -0,0 +1,35 @@ +--- +pcx_content_type: navigation +title: Bot detection engines +sidebar: + order: 5 + +--- + +import { Render } from "~/components" + +## Heuristics + + + +## JavaScript detections + + + +JSD is completely optional. To adjust your settings, configure Super Bot Fight Mode from **Security** > **Bots**. + +## Machine Learning (Business and Enterprise) + + + +The ML engine identifies _likely automated_ traffic. + +## Anomaly detection (Enterprise) + + + +## Notes on detection + + + + \ No newline at end of file diff --git a/src/content/docs/bots/concepts/bot-score/index.mdx b/src/content/docs/bots/concepts/bot-score.mdx similarity index 100% rename from src/content/docs/bots/concepts/bot-score/index.mdx rename to src/content/docs/bots/concepts/bot-score.mdx diff --git a/src/content/docs/bots/concepts/cloudflare-bot-tags.mdx b/src/content/docs/bots/concepts/bot-tags.mdx similarity index 77% rename from src/content/docs/bots/concepts/cloudflare-bot-tags.mdx rename to src/content/docs/bots/concepts/bot-tags.mdx index 9715307fb1757be..2fa5f1533a572d1 100644 --- a/src/content/docs/bots/concepts/cloudflare-bot-tags.mdx +++ b/src/content/docs/bots/concepts/bot-tags.mdx @@ -1,7 +1,7 @@ --- type: overview pcx_content_type: reference -title: Bot Tags +title: Bot tags sidebar: order: 3 @@ -20,7 +20,7 @@ Bot tags are only available to Enterprise customers who have purchased Bot Manag ## Potential values -Once you [enable Bot Tags](#enable-bot-tags), you can see more information about bot requests, such as whether a request came from a verified bot (like Bing) or a category of verified bot (like SearchEngine). +Once you [enable bot tags](#enable-bot-tags), you can see more information about bot requests, such as whether a request came from a verified bot (like Bing) or a category of verified bot (like SearchEngine). @@ -30,6 +30,6 @@ To enable bot tags, include the `BotTags` log field when using our [Logpush serv ## Limitations -Currently, Bot Tags are only available in log fields. +Currently, bot tags are only available in log fields. -Future work will add more values and extend Bot Tags to other Cloudflare products. +Future work will add more values and extend bot tags to other Cloudflare products. diff --git a/src/content/docs/bots/concepts/feedback-loop.mdx b/src/content/docs/bots/concepts/feedback-loop.mdx index be44b69b699bb3d..44381de1657d1fe 100644 --- a/src/content/docs/bots/concepts/feedback-loop.mdx +++ b/src/content/docs/bots/concepts/feedback-loop.mdx @@ -1,7 +1,8 @@ --- pcx_content_type: concept title: Bot Feedback Loop - +sidebar: + order: 4 --- import { GlossaryTooltip } from "~/components" @@ -212,7 +213,7 @@ The instructions below apply to Enterprise subscription with Bot Management only After submitting a false positive, you can explicitly allow the traffic if you are confident that this traffic source cannot be used for abuse in the future. To allow traffic, you can create a WAF custom rule with a [Skip the remaining custom rules](/waf/custom-rules/skip/options/) action that matches the characteristics of your false positive report. We recommend any skip rule that you create uses the most narrow possible scope, including restricting the request methods and URIs that the expected traffic has access to, to limit potential abuse. -* Allowing a **[JA3/JA4 fingerprint](/bots/concepts/ja3-ja4-fingerprint/)**: If you want to allow access to a stable software client that does not come from a dedicated IP, you can do so by looking up the JA3 fingerprint(s) used by that client in the Bot Analytics dashboard, and creating a WAF custom rule to allow traffic based on that JA3 fingerprint. JA3 fingerprints will only match a client’s TLS library, so be cautious in looking for both overlap with other clients and with variation based on the operating system.

Cloudflare does not recommend relying on JA3 rules for mobile applications that may be abused. If you have questions about how to securely allow traffic from your mobile application, please contact your account team. +* Allowing a **[JA3/JA4 fingerprint](/bots/additional-configurations/ja3-ja4-fingerprint/)**: If you want to allow access to a stable software client that does not come from a dedicated IP, you can do so by looking up the JA3 fingerprint(s) used by that client in the Bot Analytics dashboard, and creating a WAF custom rule to allow traffic based on that JA3 fingerprint. JA3 fingerprints will only match a client’s TLS library, so be cautious in looking for both overlap with other clients and with variation based on the operating system.

Cloudflare does not recommend relying on JA3 rules for mobile applications that may be abused. If you have questions about how to securely allow traffic from your mobile application, please contact your account team. :::note diff --git a/src/content/docs/bots/concepts/index.mdx b/src/content/docs/bots/concepts/index.mdx index fa8e388e9a0858d..216056ae09ecd7a 100644 --- a/src/content/docs/bots/concepts/index.mdx +++ b/src/content/docs/bots/concepts/index.mdx @@ -2,7 +2,7 @@ pcx_content_type: navigation title: Concepts sidebar: - order: 3 + order: 4 group: hideIndex: true diff --git a/src/content/docs/bots/get-started/biz-and-ent.mdx b/src/content/docs/bots/get-started/biz-and-ent.mdx deleted file mode 100644 index 06ffcf398438dc2..000000000000000 --- a/src/content/docs/bots/get-started/biz-and-ent.mdx +++ /dev/null @@ -1,61 +0,0 @@ ---- -title: Business -pcx_content_type: get-started -sidebar: - order: 3 -head: - - tag: title - content: Get started with Super Bot Fight Mode (Business) - ---- - -import { Render } from "~/components" - -Super Bot Fight Mode is included in your Business or Enterprise subscription. When enabled, the product: - -- Identifies traffic matching patterns of known bots and likely bots -- Can challenge or block bots -- Offers protection for static resources -- Provides robust analytics to help you understand bot traffic - -:::note - -If you have an Enterprise subscription without Bot Management, your application will also have Super Bot Fight Mode for Business. -::: - -## Enable Super Bot Fight Mode - - - - - - - -## Disable Super Bot Fight Mode - - - - - -## Block AI bots - - - -:::note - -You can view blocked AI bot traffic via [Security Analytics](/waf/analytics/security-analytics/). -::: - -### Enable AI Labyrinth - - - -## Analytics - -For more on analytics, see [Bot Analytics](/bots/bot-analytics/biz-and-ent/). - -## Ruleset Engine - - - - diff --git a/src/content/docs/bots/get-started/free.mdx b/src/content/docs/bots/get-started/bot-fight-mode.mdx similarity index 92% rename from src/content/docs/bots/get-started/free.mdx rename to src/content/docs/bots/get-started/bot-fight-mode.mdx index 81d59d18a23bf52..72a0cfd7c086c3c 100644 --- a/src/content/docs/bots/get-started/free.mdx +++ b/src/content/docs/bots/get-started/bot-fight-mode.mdx @@ -1,5 +1,5 @@ --- -title: Free +title: Bot Fight Mode pcx_content_type: get-started sidebar: order: 1 @@ -13,6 +13,10 @@ import { Render } from "~/components" +## Considerations + + + ## Enable Bot Fight Mode @@ -48,6 +52,6 @@ You can see bot-related actions by going to **Security** > **Events**. Any reque ## Limitations -You cannot bypass or skip Bot Fight Mode using the _Skip_ action in WAF custom rules or using Page Rules. _Skip_, _Bypass_, and _Allow_ actions apply to rules or rulesets running on the [Ruleset Engine](/ruleset-engine/). While Super Bot Fight Mode rules are implemented in the Ruleset Engine, Bot Fight Mode checks are not. This is why you can skip Super Bot Fight Mode, but not Bot Fight Mode. If you need to skip Bot Fight Mode, consider using [Super Bot Fight Mode](/bots/get-started/pro/). +You cannot bypass or skip Bot Fight Mode using the _Skip_ action in WAF custom rules or using Page Rules. _Skip_, _Bypass_, and _Allow_ actions apply to rules or rulesets running on the [Ruleset Engine](/ruleset-engine/). While Super Bot Fight Mode rules are implemented in the Ruleset Engine, Bot Fight Mode checks are not. This is why you can skip Super Bot Fight Mode, but not Bot Fight Mode. If you need to skip Bot Fight Mode, consider using [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/). Bot Fight Mode can still trigger if you have IP Access rules, but it cannot trigger if an IP Access rule matches the request. For example, the IP Access rule matches the connecting IP. diff --git a/src/content/docs/bots/get-started/bm-subscription.mdx b/src/content/docs/bots/get-started/bot-management.mdx similarity index 98% rename from src/content/docs/bots/get-started/bm-subscription.mdx rename to src/content/docs/bots/get-started/bot-management.mdx index 72742730e288bcc..2e32a0efa38bc99 100644 --- a/src/content/docs/bots/get-started/bm-subscription.mdx +++ b/src/content/docs/bots/get-started/bot-management.mdx @@ -1,6 +1,6 @@ --- pcx_content_type: get-started -title: Enterprise Bot Management +title: Bot Management sidebar: order: 4 diff --git a/src/content/docs/bots/get-started/index.mdx b/src/content/docs/bots/get-started/index.mdx index dc69d3022337714..3340854bf7e458e 100644 --- a/src/content/docs/bots/get-started/index.mdx +++ b/src/content/docs/bots/get-started/index.mdx @@ -2,7 +2,7 @@ title: Get started with Cloudflare bot solutions pcx_content_type: navigation sidebar: - order: 2 + order: 3 group: hideIndex: true label: Get started diff --git a/src/content/docs/bots/get-started/pro.mdx b/src/content/docs/bots/get-started/super-bot-fight-mode.mdx similarity index 80% rename from src/content/docs/bots/get-started/pro.mdx rename to src/content/docs/bots/get-started/super-bot-fight-mode.mdx index 0b34067b489821f..4765c3024c88a07 100644 --- a/src/content/docs/bots/get-started/pro.mdx +++ b/src/content/docs/bots/get-started/super-bot-fight-mode.mdx @@ -1,30 +1,38 @@ --- -title: Pro +title: Super Bot Fight Mode pcx_content_type: get-started sidebar: order: 2 head: - tag: title - content: Get started with Super Bot Fight Mode (Pro) + content: Get started with Super Bot Fight Mode --- import { Render } from "~/components" -Super Bot Fight Mode is included in your Pro subscription. When enabled, the product: +Super Bot Fight Mode is included in your Pro, Business, or Enterprise subscription. When enabled, the product: - Identifies traffic matching patterns of known bots - Can challenge or block bots - Offers protection for static resources - Provides limited analytics to help you understand bot traffic +Accounts with an Enterprise subscription but not the [Bot Management add-on](/bots/get-started/bot-management/) will have Super Bot Fight Mode for Business. + +## Considerations + + + ## Enable Super Bot Fight Mode + + - +### Conditions - + ## Disable Super Bot Fight Mode diff --git a/src/content/docs/bots/index.mdx b/src/content/docs/bots/index.mdx index 8e881a15d81dd21..b93d25da9c5f7ff 100644 --- a/src/content/docs/bots/index.mdx +++ b/src/content/docs/bots/index.mdx @@ -27,11 +27,11 @@ While Cloudflare offers several products that relate to bot traffic, this sectio ## Features - + Detect and mitigate bot traffic on your domain. - + Identify traffic matching patterns of known bots, challenge or block bots, protect static resources, and view analytics to help you understand bot traffic using Super Bot Fight Mode. diff --git a/src/content/docs/bots/plans/biz-and-ent.mdx b/src/content/docs/bots/plans/biz-and-ent.mdx index 303ede8cf3207d6..a5dfd60f376846c 100644 --- a/src/content/docs/bots/plans/biz-and-ent.mdx +++ b/src/content/docs/bots/plans/biz-and-ent.mdx @@ -21,34 +21,6 @@ import { Render } from "~/components" -## Bot detection engines - -### Heuristics - - - -### Machine learning - - - -The ML engine identifies _likely automated_ traffic. - -### JavaScript detections - - - -JSD is completely optional. To adjust your settings, configure Super Bot Fight Mode from **Security** > **Bots**. - -### Notes on detection - - - - - -## Considerations - - - ## How do I get started? diff --git a/src/content/docs/bots/plans/bm-subscription.mdx b/src/content/docs/bots/plans/bm-subscription.mdx index ff75bf8e8755489..4810ddcbda2f4d3 100644 --- a/src/content/docs/bots/plans/bm-subscription.mdx +++ b/src/content/docs/bots/plans/bm-subscription.mdx @@ -23,13 +23,9 @@ import { Render } from "~/components" :::note -Zones that have [Enterprise Bot Management](/bots/get-started/bm-subscription/) enabled will not see Bot Fight Mode or Super Bot Fight Mode under **Security** > **Bots**. +Zones that have [Enterprise Bot Management](/bots/get-started/bot-management/) enabled will not see Bot Fight Mode or Super Bot Fight Mode under **Security** > **Bots**. ::: -## Bot detection engines - - - ## How do I get started? diff --git a/src/content/docs/bots/plans/free.mdx b/src/content/docs/bots/plans/free.mdx index c081952e02b93cc..aa0faf4ed401bd2 100644 --- a/src/content/docs/bots/plans/free.mdx +++ b/src/content/docs/bots/plans/free.mdx @@ -21,26 +21,6 @@ import { Render } from "~/components" -## Bot detection engines - -### Heuristics - - - -### JavaScript detections - - - -JSD is automatically enabled with Bot Fight Mode. - -### Notes on detection - - - -## Considerations - - - ## How do I get started? diff --git a/src/content/docs/bots/plans/index.mdx b/src/content/docs/bots/plans/index.mdx index a017371adbf3b5d..90a151cf8d63ade 100644 --- a/src/content/docs/bots/plans/index.mdx +++ b/src/content/docs/bots/plans/index.mdx @@ -4,7 +4,7 @@ type: overview hideChildren: true pcx_content_type: navigation sidebar: - order: 4 + order: 2 head: - tag: title content: Cloudflare bot plans @@ -17,7 +17,6 @@ import { LinkButton, Render } from "~/components" Free Pro Business Bot Management for Enterprise - ## How do I get started? diff --git a/src/content/docs/bots/plans/pro.mdx b/src/content/docs/bots/plans/pro.mdx index 6b88d33663c0157..7f9d90e937dee16 100644 --- a/src/content/docs/bots/plans/pro.mdx +++ b/src/content/docs/bots/plans/pro.mdx @@ -21,26 +21,6 @@ import { Render } from "~/components" -## Bot detection engines - -### Heuristics - - - -### JavaScript detections - - - -JSD is completely optional. To adjust your settings, configure Super Bot Fight Mode from **Security** > **Bots**. - -### Notes on detection - - - -## Considerations - - - ## How do I get started? diff --git a/src/content/docs/bots/reference/bot-management-variables.mdx b/src/content/docs/bots/reference/bot-management-variables.mdx index 5dd8aafa46d6eb4..356a3cb7afc3109 100644 --- a/src/content/docs/bots/reference/bot-management-variables.mdx +++ b/src/content/docs/bots/reference/bot-management-variables.mdx @@ -1,7 +1,8 @@ --- pcx_content_type: reference title: Bot Management variables -weight: 0 +sidebar: + order: 2 --- diff --git a/src/content/docs/bots/reference/index.mdx b/src/content/docs/bots/reference/index.mdx index e5271c468c905f2..c0cfc339c71cb82 100644 --- a/src/content/docs/bots/reference/index.mdx +++ b/src/content/docs/bots/reference/index.mdx @@ -2,7 +2,7 @@ pcx_content_type: navigation title: Reference sidebar: - order: 10 + order: 8 group: hideIndex: true diff --git a/src/content/docs/bots/reference/machine-learning-models.mdx b/src/content/docs/bots/reference/machine-learning-models.mdx index e2fc121ecd233bf..4c582a6c8155544 100644 --- a/src/content/docs/bots/reference/machine-learning-models.mdx +++ b/src/content/docs/bots/reference/machine-learning-models.mdx @@ -1,7 +1,8 @@ --- pcx_content_type: reference title: Machine Learning models -weight: 0 +sidebar: + order: 3 --- diff --git a/src/content/docs/bots/reference/sample-terms.mdx b/src/content/docs/bots/reference/sample-terms.mdx index d42b0ad3eb2827a..fdb0a1759d51758 100644 --- a/src/content/docs/bots/reference/sample-terms.mdx +++ b/src/content/docs/bots/reference/sample-terms.mdx @@ -1,7 +1,8 @@ --- pcx_content_type: reference title: Sample terms -weight: 0 +sidebar: + order: 4 --- diff --git a/src/content/docs/bots/reference/bot-management-skips.mdx b/src/content/docs/bots/troubleshooting/bot-management-skips.mdx similarity index 86% rename from src/content/docs/bots/reference/bot-management-skips.mdx rename to src/content/docs/bots/troubleshooting/bot-management-skips.mdx index be6d8351852d358..ddfd43f5c517a92 100644 --- a/src/content/docs/bots/reference/bot-management-skips.mdx +++ b/src/content/docs/bots/troubleshooting/bot-management-skips.mdx @@ -1,13 +1,14 @@ --- pcx_content_type: troubleshooting title: Bot Management skips -weight: 0 +sidebar: + order: 1 --- import { GlossaryTooltip } from "~/components" -There are instances in which Bot Management does not run and certain fields, such as the [JA3/JA4 field](/bots/concepts/ja3-ja4-fingerprint/), are not populated because it has been determined that running Bot Management would not be necessary. +There are instances in which Bot Management does not run and certain fields, such as the [JA3/JA4 field](/bots/additional-configurations/ja3-ja4-fingerprint/), are not populated because it has been determined that running Bot Management would not be necessary. Refer to bot scores for more information about why a request is not scored. diff --git a/src/content/docs/bots/troubleshooting.mdx b/src/content/docs/bots/troubleshooting/frequently-asked-questions.mdx similarity index 99% rename from src/content/docs/bots/troubleshooting.mdx rename to src/content/docs/bots/troubleshooting/frequently-asked-questions.mdx index ab8d086f05450d4..624413e94ba5039 100644 --- a/src/content/docs/bots/troubleshooting.mdx +++ b/src/content/docs/bots/troubleshooting/frequently-asked-questions.mdx @@ -3,7 +3,7 @@ pcx_content_type: faq title: FAQ structured_data: true sidebar: - order: 11 + order: 3 --- import { Render, RuleID } from "~/components"; @@ -144,7 +144,7 @@ If you encounter any issues with BFM/SBFM feature (e.g. false positive), you can -You cannot bypass or skip Bot Fight Mode using the _Skip_ action in WAF custom rules or using Page Rules. _Skip_, _Bypass_, and _Allow_ actions apply to rules or rulesets running on the [Ruleset Engine](/ruleset-engine/). While Super Bot Fight Mode rules are implemented in the Ruleset Engine, Bot Fight Mode checks are not. This is why you can skip Super Bot Fight Mode, but not Bot Fight Mode. If you need to skip Bot Fight Mode, consider using [Super Bot Fight Mode](/bots/get-started/pro/). +You cannot bypass or skip Bot Fight Mode using the _Skip_ action in WAF custom rules or using Page Rules. _Skip_, _Bypass_, and _Allow_ actions apply to rules or rulesets running on the [Ruleset Engine](/ruleset-engine/). While Super Bot Fight Mode rules are implemented in the Ruleset Engine, Bot Fight Mode checks are not. This is why you can skip Super Bot Fight Mode, but not Bot Fight Mode. If you need to skip Bot Fight Mode, consider using [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/). Bot Fight Mode can still trigger if you have IP Access rules, but it cannot trigger if an IP Access rule matches the request. For example, the IP Access rule matches the connecting IP. diff --git a/src/content/docs/bots/troubleshooting/index.mdx b/src/content/docs/bots/troubleshooting/index.mdx new file mode 100644 index 000000000000000..f13bffda3b7faf2 --- /dev/null +++ b/src/content/docs/bots/troubleshooting/index.mdx @@ -0,0 +1,14 @@ +--- +title: Troubleshooting +pcx_content_type: navigation +sidebar: + order: 7 + group: + hideIndex: true + label: Troubleshooting +head: + - tag: title + content: Troubleshoot issues with Bots + +--- + diff --git a/src/content/docs/bots/reference/wordpress-loopback-issue.mdx b/src/content/docs/bots/troubleshooting/wordpress-loopback-issue.mdx similarity index 98% rename from src/content/docs/bots/reference/wordpress-loopback-issue.mdx rename to src/content/docs/bots/troubleshooting/wordpress-loopback-issue.mdx index e6195b9f70df136..ec9944a5f42acbc 100644 --- a/src/content/docs/bots/reference/wordpress-loopback-issue.mdx +++ b/src/content/docs/bots/troubleshooting/wordpress-loopback-issue.mdx @@ -1,7 +1,8 @@ --- pcx_content_type: troubleshooting title: Super Bot Fight Mode for WordPress -weight: 0 +sidebar: + order: 2 --- diff --git a/src/content/docs/bots/concepts/bot-score/delay-action.mdx b/src/content/docs/bots/workers-templates/delay-action.mdx similarity index 100% rename from src/content/docs/bots/concepts/bot-score/delay-action.mdx rename to src/content/docs/bots/workers-templates/delay-action.mdx diff --git a/src/content/docs/bots/workers-templates/index.mdx b/src/content/docs/bots/workers-templates/index.mdx new file mode 100644 index 000000000000000..9994d880bf28c96 --- /dev/null +++ b/src/content/docs/bots/workers-templates/index.mdx @@ -0,0 +1,14 @@ +--- +title: Workers templates +pcx_content_type: navigation +sidebar: + order: 6 + group: + hideIndex: true + label: Workers templates +head: + - tag: title + content: Workers templates + +--- + diff --git a/src/content/docs/cache/get-started.mdx b/src/content/docs/cache/get-started.mdx index cbb83d9550a4f2b..bdd425266d5bfa3 100644 --- a/src/content/docs/cache/get-started.mdx +++ b/src/content/docs/cache/get-started.mdx @@ -71,7 +71,7 @@ Review the list of Cloudflare features that function in this manner: * [Mirage](/speed/optimization/images/mirage/) * [Hotlink Protection](/waf/tools/scrape-shield/hotlink-protection/) * [Email address obfuscation](/waf/tools/scrape-shield/email-address-obfuscation/) -* [Bot Management JavaScript Detections](/bots/reference/javascript-detections/) +* [Bot Management JavaScript Detections](/bots/additional-configurations/javascript-detections/) ## Troubleshoot diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/troubleshoot-tunnels/common-errors.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/troubleshoot-tunnels/common-errors.mdx index 6ac2ac9890e977b..4af09b1c1a7ad09 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/troubleshoot-tunnels/common-errors.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/troubleshoot-tunnels/common-errors.mdx @@ -88,7 +88,7 @@ There are a few different possible root causes behind the `websocket: bad handsh 1. On the Cloudflare dashboard for your zone, go to **SSL/TLS** > **Overview**. 2. Ensure that your SSL/TLS encryption mode is set to either **Flexible**, **Full** or **Full (strict)**. -- Your requests are blocked by [Super Bot Fight Mode](/bots/get-started/pro/). To resolve, make sure you set **Definitely automated** to _Allow_ in the bot fight mode settings. +- Your requests are blocked by [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/). To resolve, make sure you set **Definitely automated** to _Allow_ in the bot fight mode settings. - Your SSH or RDP Access application has the [Binding Cookie](/cloudflare-one/identity/authorization-cookie/#binding-cookie) enabled. To disable the cookie, go to **Access** > **Applications** and edit the application settings. diff --git a/src/content/docs/fundamentals/reference/cdn-cgi-endpoint.mdx b/src/content/docs/fundamentals/reference/cdn-cgi-endpoint.mdx index 34d797dae0b044a..8703452f467a683 100644 --- a/src/content/docs/fundamentals/reference/cdn-cgi-endpoint.mdx +++ b/src/content/docs/fundamentals/reference/cdn-cgi-endpoint.mdx @@ -11,7 +11,7 @@ This endpoint is managed and served by Cloudflare. It cannot be modified or cust A few examples include (but are not limited to): * [Identify the Cloudflare data center serving your request](/support/troubleshooting/general-troubleshooting/gathering-information-for-troubleshooting-sites/#identify-the-cloudflare-data-center-serving-your-request), which is helpful for troubleshooting (`https:///cdn-cgi/trace`). -* [JavaScript detection](/bots/reference/javascript-detections/) used by Cloudflare bot products (`example.com/cdn-cgi/challenge-platform/`) +* [JavaScript detection](/bots/additional-configurations/javascript-detections/) used by Cloudflare bot products (`example.com/cdn-cgi/challenge-platform/`) * [Image transformations](/images/transform-images) in the new URLs you would use for images (`example.com/cdn-cgi/image/`) * [Email address obfuscation](/waf/tools/scrape-shield/email-address-obfuscation/) used to hide email addresses from malicious bots (`example.com/cdn-cgi/l/email-protection`) * [Web analytics](/web-analytics/get-started/#sites-proxied-through-cloudflare) for a website proxied through Cloudflare (`example.com/cdn-cgi/rum`). This endpoint returns a `204` HTTP status code. diff --git a/src/content/docs/fundamentals/reference/policies-compliances/cloudflare-cookies.mdx b/src/content/docs/fundamentals/reference/policies-compliances/cloudflare-cookies.mdx index 1f98319f8973c38..7f3c60e143d6e4b 100644 --- a/src/content/docs/fundamentals/reference/policies-compliances/cloudflare-cookies.mdx +++ b/src/content/docs/fundamentals/reference/policies-compliances/cloudflare-cookies.mdx @@ -42,11 +42,11 @@ Bot Management is available to Enterprise customers as an add-on service. Contac ### \_\_cfseq cookie for Cloudflare bot products - + ### cf_clearance cookie for Cloudflare bot products -The `cf_clearance` cookie is required for [JavaScript detections](/bots/reference/javascript-detections/). JavaScript detections are stored in the `cf_clearance` cookie. +The `cf_clearance` cookie is required for [JavaScript detections](/bots/additional-configurations/javascript-detections/). JavaScript detections are stored in the `cf_clearance` cookie. ### cf\_ob\_info and cf\_use\_ob cookie for Cloudflare Always Online diff --git a/src/content/docs/fundamentals/reference/policies-compliances/content-security-policies.mdx b/src/content/docs/fundamentals/reference/policies-compliances/content-security-policies.mdx index 4c3ddeafe1ae8bf..2a6a8dc9ce02c0a 100644 --- a/src/content/docs/fundamentals/reference/policies-compliances/content-security-policies.mdx +++ b/src/content/docs/fundamentals/reference/policies-compliances/content-security-policies.mdx @@ -40,7 +40,7 @@ To use certain Cloudflare features, however, you may need to update the headers | [Rocket Loader](/speed/optimization/content/rocket-loader/), [Mirage](/speed/optimization/images/mirage/) | `script-src 'self' ajax.cloudflare.com;` | | [Cloudflare Apps](https://cloudflareapps.com/apps/developer/docs/getting-started), [Scrape Shield](/waf/tools/scrape-shield/) | `script-src 'self' 'unsafe-inline'` | | [Web Analytics](/web-analytics/) | `script-src static.cloudflareinsights.com; connect-src cloudflareinsights.com` | -| [Bot products](/bots/) | Refer to [JavaScript detections and CSPs](/bots/reference/javascript-detections/#if-you-have-a-content-security-policy-csp). | +| [Bot products](/bots/) | Refer to [JavaScript detections and CSPs](/bots/additional-configurations/javascript-detections/#if-you-have-a-content-security-policy-csp). | | [Page Shield](/page-shield/) | Refer to [Page Shield CSP Header format](/page-shield/reference/csp-header/). | | [Zaraz](/zaraz/) | No updates required ([details](https://blog.cloudflare.com/cloudflare-zaraz-supports-csp/)). | | [Turnstile](/turnstile/) | Refer to [Turnstile CSP](/turnstile/reference/content-security-policy/). | diff --git a/src/content/docs/fundamentals/security/cloudflare-challenges/index.mdx b/src/content/docs/fundamentals/security/cloudflare-challenges/index.mdx index 7a99735a61440cc..1a45050f6f76740 100644 --- a/src/content/docs/fundamentals/security/cloudflare-challenges/index.mdx +++ b/src/content/docs/fundamentals/security/cloudflare-challenges/index.mdx @@ -44,7 +44,7 @@ Currently, **Managed Challenge** actions are available in the following security - [WAF custom rules](/waf/custom-rules/) - [Rate limiting rules](/waf/rate-limiting-rules/) - [WAF Managed Rules](/waf/managed-rules/) -- [Bot Fight Mode](/bots/get-started/free/): You may also see Security Events with an **Action taken** of **Managed Challenge** due to [Cloudflare bot products](/bots/troubleshooting/#why-am-i-seeing-a-managed-challenge-action-for-waf-rules). +- [Bot Fight Mode](/bots/get-started/bot-fight-mode/): You may also see Security Events with an **Action taken** of **Managed Challenge** due to [Cloudflare bot products](/bots/troubleshooting/#why-am-i-seeing-a-managed-challenge-action-for-waf-rules). - [HTTP DDoS Attack Protection](/ddos-protection/managed-rulesets/http/) - [IP Access Rules](/waf/tools/ip-access-rules/) - [User Agent Blocking](/waf/tools/user-agent-blocking/) diff --git a/src/content/docs/fundamentals/setup/manage-members/roles.mdx b/src/content/docs/fundamentals/setup/manage-members/roles.mdx index ae3b5d3eb4d9ad1..158bb661cc269ca 100644 --- a/src/content/docs/fundamentals/setup/manage-members/roles.mdx +++ b/src/content/docs/fundamentals/setup/manage-members/roles.mdx @@ -23,7 +23,7 @@ Account-scoped roles apply across an entire Cloudflare account, and through all | API Gateway | Grants full access to [API Gateway (including API Shield)](/api-shield/) for all domains in an account. | | API Gateway Read | Grants read access to [API Gateway (including API Shield)](/api-shield/) for all domains in an account. | | Audit Logs Viewer | Can view [Audit Logs](/fundamentals/setup/account/account-security/review-audit-logs/). | -| Bot Management (Account-wide) | Can edit [Bot Management](/bots/plans/bm-subscription/) (including [Super Bot Fight Mode](/bots/get-started/pro/)) configurations for all domains in account. | +| Bot Management (Account-wide) | Can edit [Bot Management](/bots/plans/bm-subscription/) (including [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/)) configurations for all domains in account. | | Billing | Can edit the account's [billing profile](/fundamentals/subscriptions-and-billing/create-billing-profile/) and subscriptions | | Cloudflare Access | Can edit [Cloudflare Access](/cloudflare-one/policies/access/) and [Cloudflare Tunnel](/cloudflare-one/connections/connect-networks/). | | Cache Purge | Can purge the edge cache and allows the reading of zone settings. | @@ -82,7 +82,7 @@ Domain-scoped roles apply for a given domain within an account. | Role | Description | | ------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Bot Management | Can edit [Bot Management](/bots/plans/bm-subscription/) (including [Super Bot Fight Mode](/bots/get-started/pro/)) configurations. | +| Bot Management | Can edit [Bot Management](/bots/plans/bm-subscription/) (including [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/)) configurations. | | Cache Domain Purge | Grants access to [purge the edge cache](/cache/how-to/purge-cache/) for a specific domain and allows the reading of zone settings. | | Domain Administrator | Grants full access to domains in an account, and read-only access to account-wide [Firewall](/waf/account/managed-rulesets/deploy-dashboard/), [Access](/cloudflare-one/policies/access/), and [Worker](/workers/) resources. | | Domain Administrator Read Only | Grants read-only access to domains in an account, as well as account-wide [Firewall](/waf/account/managed-rulesets/deploy-dashboard/), [Access](/cloudflare-one/policies/access/), and [Worker](/workers/) resources. | diff --git a/src/content/docs/hyperdrive/configuration/connect-to-private-database.mdx b/src/content/docs/hyperdrive/configuration/connect-to-private-database.mdx index 2f730c55fd2729d..8da81235da53b91 100644 --- a/src/content/docs/hyperdrive/configuration/connect-to-private-database.mdx +++ b/src/content/docs/hyperdrive/configuration/connect-to-private-database.mdx @@ -28,7 +28,7 @@ The Cloudflare Tunnel will establish an outbound bidirectional connection from y :::caution[Warning] -If your organization also uses [Super Bot Fight Mode](/bots/get-started/pro/), keep **Definitely Automated** set to **Allow**. Otherwise, tunnels might fail with a `websocket: bad handshake` error. +If your organization also uses [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/), keep **Definitely Automated** set to **Allow**. Otherwise, tunnels might fail with a `websocket: bad handshake` error. ::: ## Prerequisites diff --git a/src/content/docs/images/reference/security.mdx b/src/content/docs/images/reference/security.mdx index a6cb8dfc56f292f..6dcd2cf7b7e35fe 100644 --- a/src/content/docs/images/reference/security.mdx +++ b/src/content/docs/images/reference/security.mdx @@ -11,4 +11,4 @@ head: To further ensure the security and efficiency of image optimization services, you can adopt Cloudflare products that safeguard against malicious activities. -Cloudflare security products like [Cloudflare WAF](/waf/), [Cloudflare Bot Management](/bots/get-started/bm-subscription/) and [Cloudflare Rate Limiting](/waf/rate-limiting-rules/) can enhance the protection of your image optimization requests against abuse. This proactive approach ensures a reliable and efficient experience for all legitimate users. +Cloudflare security products like [Cloudflare WAF](/waf/), [Cloudflare Bot Management](/bots/get-started/bot-management/) and [Cloudflare Rate Limiting](/waf/rate-limiting-rules/) can enhance the protection of your image optimization requests against abuse. This proactive approach ensures a reliable and efficient experience for all legitimate users. diff --git a/src/content/docs/learning-paths/get-started-free/security/bot-fight-mode.mdx b/src/content/docs/learning-paths/get-started-free/security/bot-fight-mode.mdx index 90f0b89cacf3d9c..eb0a1ae7fc99822 100644 --- a/src/content/docs/learning-paths/get-started-free/security/bot-fight-mode.mdx +++ b/src/content/docs/learning-paths/get-started-free/security/bot-fight-mode.mdx @@ -19,7 +19,7 @@ Bot Fight Mode has a few limitations, including that it: If these limitations could cause issues with your application, do not enable this feature. -For more granular control - including the ability to use the `Skip` action for bot mitigation - consider using [Super Bot Fight Mode](/bots/get-started/pro/). +For more granular control - including the ability to use the `Skip` action for bot mitigation - consider using [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/). ## Setup @@ -28,7 +28,7 @@ For more granular control - including the ability to use the `Skip` action for b :::caution -If these limitations cause issues with your application, [disable](/bots/get-started/free/#disable-bot-fight-mode) Bot Fight Mode. +If these limitations cause issues with your application, [disable](/bots/get-started/bot-fight-mode/#disable-bot-fight-mode) Bot Fight Mode. ::: diff --git a/src/content/docs/learning-paths/get-started/security/bot-fight-mode.mdx b/src/content/docs/learning-paths/get-started/security/bot-fight-mode.mdx index 90f0b89cacf3d9c..eb0a1ae7fc99822 100644 --- a/src/content/docs/learning-paths/get-started/security/bot-fight-mode.mdx +++ b/src/content/docs/learning-paths/get-started/security/bot-fight-mode.mdx @@ -19,7 +19,7 @@ Bot Fight Mode has a few limitations, including that it: If these limitations could cause issues with your application, do not enable this feature. -For more granular control - including the ability to use the `Skip` action for bot mitigation - consider using [Super Bot Fight Mode](/bots/get-started/pro/). +For more granular control - including the ability to use the `Skip` action for bot mitigation - consider using [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/). ## Setup @@ -28,7 +28,7 @@ For more granular control - including the ability to use the `Skip` action for b :::caution -If these limitations cause issues with your application, [disable](/bots/get-started/free/#disable-bot-fight-mode) Bot Fight Mode. +If these limitations cause issues with your application, [disable](/bots/get-started/bot-fight-mode/#disable-bot-fight-mode) Bot Fight Mode. ::: diff --git a/src/content/docs/learning-paths/prevent-ddos-attacks/advanced/customize-security.mdx b/src/content/docs/learning-paths/prevent-ddos-attacks/advanced/customize-security.mdx index c18962af1e5498f..b1292196c806607 100644 --- a/src/content/docs/learning-paths/prevent-ddos-attacks/advanced/customize-security.mdx +++ b/src/content/docs/learning-paths/prevent-ddos-attacks/advanced/customize-security.mdx @@ -12,6 +12,6 @@ To reduce incoming malicious requests, you could: - Create [WAF custom rules](/waf/custom-rules/) for protection based on specific aspects of incoming requests. - Adjust DDoS rules to handle [false negatives and false positives](/ddos-protection/managed-rulesets/adjust-rules/). - Build [rate limiting rules](/waf/rate-limiting-rules/) to protect against specific patterns of requests. -- Enable [bot protection](/bots/get-started/) or set up [Bot Management for Enterprise](/bots/get-started/bm-subscription/) to protect against automated abuse. +- Enable [bot protection](/bots/get-started/) or set up [Bot Management for Enterprise](/bots/get-started/bot-management/) to protect against automated abuse. - Explore [network-layer DDoS attack protection](/ddos-protection/managed-rulesets/network/). - Review the rest of Cloudflare's [security options](/learning-paths/application-security/account-security/). diff --git a/src/content/docs/learning-paths/prevent-ddos-attacks/advanced/improve-analytics.mdx b/src/content/docs/learning-paths/prevent-ddos-attacks/advanced/improve-analytics.mdx index 054f894938be4d7..aa11670eeb04313 100644 --- a/src/content/docs/learning-paths/prevent-ddos-attacks/advanced/improve-analytics.mdx +++ b/src/content/docs/learning-paths/prevent-ddos-attacks/advanced/improve-analytics.mdx @@ -26,6 +26,6 @@ This data can help when looking at long-term DDoS attack trends or when you need ## Bot Management -For more detailed analytics about potential bot attacks, Enterprise customers can also purchase [Bot Management](/bots/get-started/bm-subscription/). +For more detailed analytics about potential bot attacks, Enterprise customers can also purchase [Bot Management](/bots/get-started/bot-management/). diff --git a/src/content/docs/logs/reference/log-fields/index.mdx b/src/content/docs/logs/reference/log-fields/index.mdx index e6588fc5962a54d..fa1c70afe001b27 100644 --- a/src/content/docs/logs/reference/log-fields/index.mdx +++ b/src/content/docs/logs/reference/log-fields/index.mdx @@ -36,7 +36,7 @@ Deprecated fields remain available to prevent breaking existing jobs. They may e ## Recommendation -For log field **ClientIPClass**, Cloudflare recommends using [Bot Tags](/bots/concepts/cloudflare-bot-tags/) to classify IPs. +For log field **ClientIPClass**, Cloudflare recommends using [bot tags](/bots/concepts/bot-tags/) to classify IPs. ## Additional resources diff --git a/src/content/docs/logs/reference/log-fields/zone/http_requests.md b/src/content/docs/logs/reference/log-fields/zone/http_requests.md index e4dc90c323ad42f..bad839c25474ffc 100644 --- a/src/content/docs/logs/reference/log-fields/zone/http_requests.md +++ b/src/content/docs/logs/reference/log-fields/zone/http_requests.md @@ -37,7 +37,7 @@ Detection engine responsible for generating the Bot Score.
Possible values Type: `array[string]` -Type of bot traffic (if available). Refer to [Bot Tags](/bots/concepts/cloudflare-bot-tags/) for the list of potential values. Available only for Bot Management customers. To enable this feature, contact your account team. +Type of bot traffic (if available). Refer to [Bot Tags](/bots/concepts/bot-tags/) for the list of potential values. Available only for Bot Management customers. To enable this feature, contact your account team. ## CacheCacheStatus diff --git a/src/content/docs/reference-architecture/diagrams/bots/bot-management.mdx b/src/content/docs/reference-architecture/diagrams/bots/bot-management.mdx index 6c2a8fe9b8d9906..e850cf7e1b70e5c 100644 --- a/src/content/docs/reference-architecture/diagrams/bots/bot-management.mdx +++ b/src/content/docs/reference-architecture/diagrams/bots/bot-management.mdx @@ -11,16 +11,16 @@ updated: 2024-10-04 ## Introduction -Cloudflare has bot management capabilities to help identify and mitigate automated traffic to protect domains from bad bots. [Bot Fight Mode](/bots/get-started/free/) and [Super Bot Fight Mode](/bots/get-started/biz-and-ent/) are options available on Free and Pro/Business accounts respectively. They offer a subset of features and capabilities available for Enterprise accounts. This reference architecture diagram focuses on [Enterprise Bot Management](/bots/get-started/bm-subscription/) available for Enterprise customers. +Cloudflare has bot management capabilities to help identify and mitigate automated traffic to protect domains from bad bots. [Bot Fight Mode](/bots/get-started/bot-fight-mode/) and [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/) are options available on Free and Pro/Business accounts respectively. They offer a subset of features and capabilities available for Enterprise accounts. This reference architecture diagram focuses on [Enterprise Bot Management](/bots/get-started/bot-management/) available for Enterprise customers. -With [Enterprise Bot Management](https://developers.cloudflare.com/bots/get-started/bm-subscription/) customers have the maximum protection, features, and capability. A [bot score](https://developers.cloudflare.com/bots/concepts/bot-score/) is exposed for every request. Cloudflare applies a layered detection approach to Bot Management with several detection engines that cumulatively can impact the bot score. A bot score is a score from 1 to 99 that indicates the likelihood that the request came from a bot. Scores below 30 are commonly associated with bot traffic and customers can then take action on this score with [WAF custom rules](https://developers.cloudflare.com/waf/custom-rules/) or [Workers](https://developers.cloudflare.com/workers/runtime-apis/request/#incomingrequestcfproperties). Additionally, customers can view this score along with other bot specifics like bot score source, bot detection IDs, and bot detection tags in the Bots, Security Analytics, and Events dashboards; these fields can also be seen in more detailed logs in Log Explorer or, with Log Push, logs with these respective fields can be exported to 3rd party SIEMs/Analytics platforms. +With [Enterprise Bot Management](/bots/get-started/bot-management/) customers have the maximum protection, features, and capability. A [bot score](https://developers.cloudflare.com/bots/concepts/bot-score/) is exposed for every request. Cloudflare applies a layered detection approach to Bot Management with several detection engines that cumulatively can impact the bot score. A bot score is a score from 1 to 99 that indicates the likelihood that the request came from a bot. Scores below 30 are commonly associated with bot traffic and customers can then take action on this score with [WAF custom rules](https://developers.cloudflare.com/waf/custom-rules/) or [Workers](https://developers.cloudflare.com/workers/runtime-apis/request/#incomingrequestcfproperties). Additionally, customers can view this score along with other bot specifics like bot score source, bot detection IDs, and bot detection tags in the Bots, Security Analytics, and Events dashboards; these fields can also be seen in more detailed logs in Log Explorer or, with Log Push, logs with these respective fields can be exported to 3rd party SIEMs/Analytics platforms. ## Definitions -- **Bot Score:** A [bot score](/bots/concepts/cloudflare-bot-tags/) is a score from 1 to 99 that indicates how likely that request came from a bot. A score of 1 means Cloudflare is certain the request was automated. +- **Bot Score:** A [bot score](/bots/concepts/bot-tags/) is a score from 1 to 99 that indicates how likely that request came from a bot. A score of 1 means Cloudflare is certain the request was automated. - **Bot Score Source:** Bot Score Source is the detection engine used for the bot score. -- **Bot Detection ID:** [Detection IDs](/bots/concepts/detection-ids/) are static rules used to detect predictable bot behavior with no overlap with human traffic. Detection IDs cause a bot to receive a score source of heuristics with a score of 1. -- **Bot Tag:** [Bot tags](/bots/concepts/cloudflare-bot-tags/) provide more detail about why Cloudflare assigned a [bot score](/bots/concepts/bot-score/) to a request. +- **Bot Detection ID:** [Detection IDs](/bots/additional-configurations/detection-ids/) are static rules used to detect predictable bot behavior with no overlap with human traffic. Detection IDs cause a bot to receive a score source of heuristics with a score of 1. +- **Bot Tag:** [Bot tags](/bots/concepts/bot-tags/) provide more detail about why Cloudflare assigned a [bot score](/bots/concepts/bot-score/) to a request. - **Verified Bots:** Cloudflare maintains [a list of "Verified" good bots](https://radar.cloudflare.com/traffic/verified-bots) which can be used in policies to insure good bots such as those associated with a search engine are not blocked. - **AI Bots:** [If the feature is enabled](/bots/concepts/bot/#ai-bots), Cloudflare will detect and block verified AI bots that respect `robots.txt` and crawl rate, and do not hide their behavior from your website. The rule has also been expanded to include more signatures of AI bots that do not follow the rules. diff --git a/src/content/docs/rules/transform/managed-transforms/reference.mdx b/src/content/docs/rules/transform/managed-transforms/reference.mdx index 26bcaf3b8f79a1b..e54a3320a9f140f 100644 --- a/src/content/docs/rules/transform/managed-transforms/reference.mdx +++ b/src/content/docs/rules/transform/managed-transforms/reference.mdx @@ -32,8 +32,8 @@ Adds HTTP headers with bot-related values to the request sent to the origin serv - `cf-bot-score`: Contains the bot score (for example, `30`). - `cf-verified-bot`: Contains `true` if the request comes from a verified bot, or `false` otherwise. -- `cf-ja3-hash`: Contains the JA3 fingerprint. -- `cf-ja4`: Contains the JA4 fingerprint. +- `cf-ja3-hash`: Contains the JA3 fingerprint. +- `cf-ja4`: Contains the JA4 fingerprint. ### Add TLS client auth headers diff --git a/src/content/docs/ruleset-engine/reference/phases-list.mdx b/src/content/docs/ruleset-engine/reference/phases-list.mdx index 969d8523f2555e2..905e76882797baf 100644 --- a/src/content/docs/ruleset-engine/reference/phases-list.mdx +++ b/src/content/docs/ruleset-engine/reference/phases-list.mdx @@ -42,7 +42,7 @@ The phases execute in the order they appear in the table. | `http_ratelimit` | [Rate limiting rules (WAF)](/waf/rate-limiting-rules/) | | _N/A_ (internal phase) | [API Shield](/api-shield/) | | `http_request_firewall_managed` | [WAF Managed Rules](/waf/managed-rules/) | -| `http_request_sbfm` | [Super Bot Fight Mode](/bots/get-started/pro/) | +| `http_request_sbfm` | [Super Bot Fight Mode](/bots/get-started/super-bot-fight-mode/) | | _N/A_ (internal phase) | [Cloudflare Access](/cloudflare-one/policies/access/) | | `http_request_redirect` | [Bulk Redirects](/rules/url-forwarding/bulk-redirects/) | | _N/A_ (internal phase) | [Managed Transforms](/rules/transform/managed-transforms/) | diff --git a/src/content/docs/security-center/security-insights/index.mdx b/src/content/docs/security-center/security-insights/index.mdx index 889e39fe09760e4..81c9b97449eb654 100644 --- a/src/content/docs/security-center/security-insights/index.mdx +++ b/src/content/docs/security-center/security-insights/index.mdx @@ -41,7 +41,7 @@ Listed below are the specific insights currently available: | [SPF Record Errors](/dns/manage-dns-records/reference/dns-record-types/#spf) | We detect an incorrect or missing `SPF` record. | | [Schema Validation missing from eligible API endpoints](/api-shield/security/schema-validation/) | Apply the learned schema to protect your API against fuzzing attacks. | | [Sensitive data in API response](/api-shield/management-and-monitoring/#sensitive-data-detection) | Sensitive data in API responses detected. | -| [Turn on JavaScript Detection](/bots/reference/javascript-detections/) | One or more of your Bot Management enabled zones does not have JavaScript Detection enabled, which is a critical part of our bot detection suite. | +| [Turn on JavaScript Detection](/bots/additional-configurations/javascript-detections/) | One or more of your Bot Management enabled zones does not have JavaScript Detection enabled, which is a critical part of our bot detection suite. | | [Unassigned Access seats](/cloudflare-one/) | We detect a Zero Trust subscription that is not configured yet. | | [Unauthenticated API endpoints detected](/api-shield/management-and-monitoring/endpoint-labels/#managed-labels) | None of the successful requests against API endpoints carried session identifiers. | | [Unprotected Cloudflare Tunnels](/cloudflare-one/applications/configure-apps/self-hosted-public-app/#4-connect-your-origin-to-cloudflare) | We detect an application that is served by a Cloudflare Tunnel but not protected by a corresponding Access policy. | diff --git a/src/content/docs/security/analytics.mdx b/src/content/docs/security/analytics.mdx index 3f0f8ac5573a863..9e8cf10ddb74785 100644 --- a/src/content/docs/security/analytics.mdx +++ b/src/content/docs/security/analytics.mdx @@ -31,7 +31,7 @@ If you need to modify existing security-related rules you already configured, co The suspicious activity gives you information about suspicious requests that were identified by the Cloudflare detections you have enabled. The supported detections include: -- [Account takeover](/bots/concepts/detection-ids/#account-takeover-detections) +- [Account takeover](/bots/additional-configurations/detection-ids/#account-takeover-detections) - [Leaked credential check](/waf/detections/leaked-credentials/) (only for user and password leaked) - [Malicious uploads](/waf/detections/malicious-uploads/) - [WAF attack score](/waf/detections/attack-score/) diff --git a/src/content/docs/security/settings.mdx b/src/content/docs/security/settings.mdx index 3f9cfeb44ab616f..c4d1f2441df730a 100644 --- a/src/content/docs/security/settings.mdx +++ b/src/content/docs/security/settings.mdx @@ -45,11 +45,11 @@ You define overrides for the Network-layer DDoS attack protection managed rulese In the **Bot traffic** security module you can perform the following tasks: -- Enable [Bot fight mode](/bots/get-started/free/) (depending on your Cloudflare plan). -- Enable [Super Bot fight mode](/bots/get-started/pro/) (depending on your Cloudflare plan). -- Review information about [Bot Management](/bots/get-started/bm-subscription/) (always enabled if included in your Enterprise subscriptions). +- Enable [Bot fight mode](/bots/get-started/bot-fight-mode/) (depending on your Cloudflare plan). +- Enable [Super Bot fight mode](/bots/get-started/super-bot-fight-mode/) (depending on your Cloudflare plan). +- Review information about [Bot Management](/bots/get-started/bot-management/) (always enabled if included in your Enterprise subscriptions). - Turn on [Block AI Bots](/bots/concepts/bot/#ai-bots). -- Turn on [AI Labyrinth](/bots/get-started/free/#enable-ai-labyrinth). +- Turn on [AI Labyrinth](/bots/get-started/bot-fight-mode/#enable-ai-labyrinth). :::note The bot traffic module includes features and settings from [Bots](/bots/) in the previous dashboard navigation structure. @@ -100,12 +100,12 @@ This section allows you to configure multiple security-related settings. The fol | [Custom username and password location](/waf/detections/leaked-credentials/#custom-detection-locations) | **Security** > **Settings** | | [Custom content location](/waf/detections/malicious-uploads/#custom-scan-expressions) | **Security** > **Settings** | | [Custom sensitive data deployment](/waf/managed-rules/reference/sensitive-data-detection/#configure-in-the-dashboard) | **Security** > **Sensitive Data** | -| [Block definitely automated traffic](/bots/get-started/biz-and-ent/#bot-settings) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | -| [Block likely bots](/bots/get-started/biz-and-ent/#bot-settings) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | -| [Allow verified bots](/bots/get-started/biz-and-ent/#bot-settings) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | -| [Static resource protection](/bots/reference/static-resources/) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | -| [Optimize for WordPress](/bots/reference/wordpress-loopback-issue/) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | -| [JavaScript detections](/bots/reference/javascript-detections/) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | +| [Block definitely automated traffic](/bots/get-started/super-bot-fight-mode/#bot-settings) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | +| [Block likely bots](/bots/get-started/super-bot-fight-mode/#bot-settings) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | +| [Allow verified bots](/bots/get-started/super-bot-fight-mode/#bot-settings) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | +| [Static resource protection](/bots/additional-configurations/static-resources/) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | +| [Optimize for WordPress](/bots/troubleshooting/wordpress-loopback-issue/) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | +| [JavaScript detections](/bots/additional-configurations/javascript-detections/) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | | [Auto-update machine learning model](/bots/reference/machine-learning-models/) | **Security** > **Bots** > **Configure Bot Management** | | [Enable Security.txt](/security-center/infrastructure/security-file/) | **Security** > **Settings** | | [Challenge Passage](/fundamentals/security/cloudflare-challenges/challenge-passage/) | **Security** > **Settings** | diff --git a/src/content/docs/turnstile/tutorials/integrating-turnstile-waf-and-bot-management.mdx b/src/content/docs/turnstile/tutorials/integrating-turnstile-waf-and-bot-management.mdx index b4decb8624b018b..24ffab78141f23d 100644 --- a/src/content/docs/turnstile/tutorials/integrating-turnstile-waf-and-bot-management.mdx +++ b/src/content/docs/turnstile/tutorials/integrating-turnstile-waf-and-bot-management.mdx @@ -12,7 +12,7 @@ sidebar: order: 3 --- -This tutorial will guide you on how to integrate Cloudflare Turnstile, [Web Application Firewall (WAF)](/waf/), and [Bot Management](/bots/get-started/bm-subscription/) into an existing authentication system. This combination creates a robust defense against various threats, including automated attacks and malicious login attempts. +This tutorial will guide you on how to integrate Cloudflare Turnstile, [Web Application Firewall (WAF)](/waf/), and [Bot Management](/bots/get-started/bot-management/) into an existing authentication system. This combination creates a robust defense against various threats, including automated attacks and malicious login attempts. ## Overview diff --git a/src/content/docs/waf/custom-rules/skip/options.mdx b/src/content/docs/waf/custom-rules/skip/options.mdx index 7123c837cda991f..a34e7e3ff41cbcc 100644 --- a/src/content/docs/waf/custom-rules/skip/options.mdx +++ b/src/content/docs/waf/custom-rules/skip/options.mdx @@ -20,7 +20,7 @@ The available skip options in custom rules are the following: - API action parameter: `phases`. - - Skips the execution of one or more phases. Based on the phases you can skip, this option effectively allows you to skip [rate limiting rules](/waf/rate-limiting-rules/), [Super Bot Fight Mode rules](/bots/get-started/pro/), and/or [WAF Managed Rules](/waf/managed-rules/). When skipping a phase, both the account and zone-level entry point rulesets of the phase will be skipped. + - Skips the execution of one or more phases. Based on the phases you can skip, this option effectively allows you to skip [rate limiting rules](/waf/rate-limiting-rules/), [Super Bot Fight Mode rules](/bots/get-started/super-bot-fight-mode/), and/or [WAF Managed Rules](/waf/managed-rules/). When skipping a phase, both the account and zone-level entry point rulesets of the phase will be skipped. - The phases you can skip are the following: @@ -48,7 +48,7 @@ The available skip options in custom rules are the following: - The API values are case-sensitive. - - Currently, you cannot skip [Bot Fight Mode](/bots/get-started/free/), only Super Bot Fight Mode (refer to Skip phases above). + - Currently, you cannot skip [Bot Fight Mode](/bots/get-started/bot-fight-mode/), only Super Bot Fight Mode (refer to Skip phases above). :::note If you configure a skip rule at the account level it will only affect other rules/phases configured at the account level, not at the zone level. To skip rules/phases at the zone level you must configure a skip rule at the zone level. diff --git a/src/content/docs/waf/custom-rules/use-cases/challenge-bad-bots.mdx b/src/content/docs/waf/custom-rules/use-cases/challenge-bad-bots.mdx index d547d4436a61bbd..c11b26c9e912031 100644 --- a/src/content/docs/waf/custom-rules/use-cases/challenge-bad-bots.mdx +++ b/src/content/docs/waf/custom-rules/use-cases/challenge-bad-bots.mdx @@ -15,16 +15,16 @@ These examples use: - [`cf.bot_management.score`](/ruleset-engine/rules-language/fields/reference/cf.bot_management.score/) to target requests from bots - [`cf.bot_management.verified_bot`](/ruleset-engine/rules-language/fields/reference/cf.bot_management.verified_bot/) to identify requests from [known good bots](https://radar.cloudflare.com/verified-bots) -- [`cf.bot_management.ja3_hash`](/ruleset-engine/rules-language/fields/reference/cf.bot_management.ja3_hash/) to target specific [JA3 Fingerprints](/bots/concepts/ja3-ja4-fingerprint/) +- [`cf.bot_management.ja3_hash`](/ruleset-engine/rules-language/fields/reference/cf.bot_management.ja3_hash/) to target specific [JA3 Fingerprints](/bots/additional-configurations/ja3-ja4-fingerprint/) ## Suggested rules For best results: -- Use [Bot Analytics](/bots/bot-analytics/bm-subscription/) to learn about your traffic before applying rules. +- Use [Bot Analytics](/bots/bot-analytics/#enterprise-bot-management) to learn about your traffic before applying rules. - Start small and increase your bot threshold over time. -Your rules may also vary based on the [nature of your site](/bots/get-started/bm-subscription/) and your tolerance for false positives. +Your rules may also vary based on the [nature of your site](/bots/get-started/bot-management/) and your tolerance for false positives. ### General protection @@ -68,7 +68,7 @@ This example offers the same protection as the browser-only rule, but allows aut Since Bot Management can be more sensitive to mobile traffic, you may want to add in additional logic to avoid blocking legitimate requests. -If you are handling requests from your own mobile application, you could potentially allow it based on its specific [JA3 fingerprint](/bots/concepts/ja3-ja4-fingerprint/). +If you are handling requests from your own mobile application, you could potentially allow it based on its specific [JA3 fingerprint](/bots/additional-configurations/ja3-ja4-fingerprint/). - **Expression**: `(cf.bot_management.ja3_hash eq "df669e7ea913f1ac0c0cce9a201a2ec1")` - **Action**: _Skip:_ @@ -98,13 +98,13 @@ If your domain handles mobile, browser, and API traffic, you would want to arran Static resources are protected by default when you create custom rules using the `cf.bot_management.score` field. -To exclude static resources, include `not (cf.bot_management.static_resource)` in your rule expression. For details, refer to [Static resource protection](/bots/reference/static-resources/). +To exclude static resources, include `not (cf.bot_management.static_resource)` in your rule expression. For details, refer to [Static resource protection](/bots/additional-configurations/static-resources/). ### Additional considerations From there, you could customize your custom rules based on specific request paths (`/login` or `/signup`), common traffic patterns, or many other characteristics. -Make sure you review [Bot Analytics](/bots/bot-analytics/bm-subscription/) and [Security Events](/waf/analytics/security-events/) to check if your rules need more tuning. +Make sure you review [Bot Analytics](/bots/bot-analytics/#enterprise-bot-management) and [Security Events](/waf/analytics/security-events/) to check if your rules need more tuning. --- diff --git a/src/content/docs/waf/detections/leaked-credentials/examples.mdx b/src/content/docs/waf/detections/leaked-credentials/examples.mdx index 530ff460c0cd47b..ea5df3641d45aab 100644 --- a/src/content/docs/waf/detections/leaked-credentials/examples.mdx +++ b/src/content/docs/waf/detections/leaked-credentials/examples.mdx @@ -18,9 +18,9 @@ import { Example } from "~/components"; Access to the `cf.waf.credential_check.username_and_password_leaked` field requires a Pro plan or above. ::: -Create a [rate limiting rule](/waf/rate-limiting-rules/) using [account takeover (ATO) detection](/bots/concepts/detection-ids/#account-takeover-detections) and leaked credentials fields to limit volumetric attacks from particular IP addresses, JA4 Fingerprints, or countries. +Create a [rate limiting rule](/waf/rate-limiting-rules/) using [account takeover (ATO) detection](/bots/additional-configurations/detection-ids/#account-takeover-detections) and leaked credentials fields to limit volumetric attacks from particular IP addresses, JA4 Fingerprints, or countries. -The following example rule applies rate limiting to requests with a specific [ATO detection ID](/bots/concepts/detection-ids/#account-takeover-detections) (corresponding to `Observes all login traffic to the zone`) that contain a previously leaked username and password: +The following example rule applies rate limiting to requests with a specific [ATO detection ID](/bots/additional-configurations/detection-ids/#account-takeover-detections) (corresponding to `Observes all login traffic to the zone`) that contain a previously leaked username and password: diff --git a/src/content/docs/waf/get-started.mdx b/src/content/docs/waf/get-started.mdx index 6f07346a91c96f1..b8c9c81f36137ad 100644 --- a/src/content/docs/waf/get-started.mdx +++ b/src/content/docs/waf/get-started.mdx @@ -76,10 +76,10 @@ If you are on a Business plan, create a custom rule as mentioned above but use t ## 3. Create custom rule based on bot score :::note -Bot score is only available to Enterprise customers with [Bot Management](/bots/get-started/bm-subscription/). Customers on Pro and Business plans may enable [Super Bot Fight mode](/bots/get-started/pro/) instead. +Bot score is only available to Enterprise customers with [Bot Management](/bots/get-started/bot-management/). Customers on Pro and Business plans may enable [Super Bot Fight mode](/bots/get-started/super-bot-fight-mode/) instead. ::: -Customers with access to [Bot Management](/bots/get-started/bm-subscription/) can block automated traffic (for example, from [bots scraping online content](https://www.cloudflare.com/learning/bots/what-is-content-scraping/)) using a custom rule with bot score, preventing this traffic from hitting your application. +Customers with access to [Bot Management](/bots/get-started/bot-management/) can block automated traffic (for example, from [bots scraping online content](https://www.cloudflare.com/learning/bots/what-is-content-scraping/)) using a custom rule with bot score, preventing this traffic from hitting your application. 1. Go to your domain > **Security** > **WAF** and select the **Custom rules** tab. diff --git a/src/content/docs/waf/rate-limiting-rules/best-practices.mdx b/src/content/docs/waf/rate-limiting-rules/best-practices.mdx index 2db4ddfd0675702..889d27893ccf877 100644 --- a/src/content/docs/waf/rate-limiting-rules/best-practices.mdx +++ b/src/content/docs/waf/rate-limiting-rules/best-practices.mdx @@ -243,7 +243,7 @@ In this situation, you could configure a rule similar to the following: | Rate (Requests / Period) | 5 requests / 3 minutes | | Action | Managed Challenge | -To control the rate of actions performed by automated sources, consider use rate limiting rules together with [Cloudflare Bot Management](/bots/get-started/bm-subscription/). With Bot Management, you can use the [bot score](/bots/concepts/bot-score/) as part of the matching criteria to apply the rule only to automated or likely automated traffic. For example, you can use a maximum score (or threshold) of `30` for likely automated traffic and `10` for automated traffic. +To control the rate of actions performed by automated sources, consider use rate limiting rules together with [Bot Management](/bots/get-started/bot-management/). With Bot Management, you can use the [bot score](/bots/concepts/bot-score/) as part of the matching criteria to apply the rule only to automated or likely automated traffic. For example, you can use a maximum score (or threshold) of `30` for likely automated traffic and `10` for automated traffic. If your application tracks sessions using a cookie, you can use the cookie to set the rate limiting context (that is, use it as a counting characteristic). By setting the rate limiting characteristic to Cookie, the rule will group together requests from different IP addresses but belonging to the same session, which is a common scenario when dealing with a bot network performing a distributed attack. @@ -269,7 +269,7 @@ If your application tracks sessions using a cookie, you can use the cookie to se _These example rules require Advanced Rate Limiting and Bot Management._ -If the application does not use a session cookie, you can use [JA3 fingerprints](/bots/concepts/ja3-ja4-fingerprint/) to identify individual clients. A JA3 fingerprint is a unique identifier, available to customers with [Bot Management](/bots/get-started/bm-subscription/), that allows Cloudflare to identify requests coming from the same client. All clients have an associated fingerprint, whether they are automated or not. +If the application does not use a session cookie, you can use [JA3 fingerprints](/bots/additional-configurations/ja3-ja4-fingerprint/) to identify individual clients. A JA3 fingerprint is a unique identifier, available to customers with [Bot Management](/bots/get-started/bot-management/), that allows Cloudflare to identify requests coming from the same client. All clients have an associated fingerprint, whether they are automated or not. | Setting | Value | | ------------------------ | ------------------------------------------------------------------------ | diff --git a/src/content/docs/waf/rate-limiting-rules/find-rate-limit.mdx b/src/content/docs/waf/rate-limiting-rules/find-rate-limit.mdx index 927b011eed38f28..09999533f479f69 100644 --- a/src/content/docs/waf/rate-limiting-rules/find-rate-limit.mdx +++ b/src/content/docs/waf/rate-limiting-rules/find-rate-limit.mdx @@ -24,9 +24,9 @@ The **Rate limit analysis** tab is available at the zone level in **Security** > The main chart displays the distribution of request rates for the top 50 unique clients observed during the selected time interval (for example, `1 minute`) in descending order. You can group the request rates by the following unique request properties: - **IP address** -- [**JA3 fingerprint**](/bots/concepts/ja3-ja4-fingerprint/) (only available to customers with Bot Management) +- [**JA3 fingerprint**](/bots/additional-configurations/ja3-ja4-fingerprint/) (only available to customers with Bot Management) - **IP & JA3** (only available to customers with Bot Management) -- [**JA4 fingerprint**](/bots/concepts/ja3-ja4-fingerprint/) (only available to customers with Bot Management) +- [**JA4 fingerprint**](/bots/additional-configurations/ja3-ja4-fingerprint/) (only available to customers with Bot Management) :::note diff --git a/src/content/fields/index.yaml b/src/content/fields/index.yaml index cd8e974f332f4a6..197972a9a15d776 100644 --- a/src/content/fields/index.yaml +++ b/src/content/fields/index.yaml @@ -504,7 +504,7 @@ entries: plan_info_label: Enterprise add-on summary: Indicates whether static resources should be included when you create a rule using [`cf.bot_management.score`](/ruleset-engine/rules-language/fields/reference/cf.bot_management.score/). description: |- - For more details, refer to [Static resource protection](/bots/reference/static-resources/). + For more details, refer to [Static resource protection](/bots/additional-configurations/static-resources/). Requires a Cloudflare Enterprise plan with [Bot Management](/bots/plans/bm-subscription/) enabled. @@ -515,7 +515,7 @@ entries: plan_info_label: Enterprise add-on summary: Provides an SSL/TLS fingerprint to help you identify potential bot requests. description: |- - For more details, refer to [JA3/JA4 Fingerprint](/bots/concepts/ja3-ja4-fingerprint/). + For more details, refer to [JA3/JA4 Fingerprint](/bots/additional-configurations/ja3-ja4-fingerprint/). Requires a Cloudflare Enterprise plan with [Bot Management](/bots/plans/bm-subscription/) enabled. @@ -526,7 +526,7 @@ entries: plan_info_label: Enterprise add-on summary: Provides an SSL/TLS fingerprint to help you identify potential bot requests. description: |- - For more details, refer to [JA3/JA4 Fingerprint](/bots/concepts/ja3-ja4-fingerprint/). + For more details, refer to [JA3/JA4 Fingerprint](/bots/additional-configurations/ja3-ja4-fingerprint/). Requires a Cloudflare Enterprise plan with [Bot Management](/bots/plans/bm-subscription/) enabled. @@ -537,7 +537,7 @@ entries: plan_info_label: Enterprise add-on summary: Indicates whether the visitor has previously passed a JS Detection. description: |- - For more details, refer to [JavaScript detections](/bots/reference/javascript-detections/). + For more details, refer to [JavaScript detections](/bots/additional-configurations/javascript-detections/). Requires a Cloudflare Enterprise plan with [Bot Management](/bots/plans/bm-subscription/) enabled. diff --git a/src/content/partials/bots/about-plan-bm-subscription.mdx b/src/content/partials/bots/about-plan-bm-subscription.mdx index 2a6890efa609dc4..9acdbdeb630ef0b 100644 --- a/src/content/partials/bots/about-plan-bm-subscription.mdx +++ b/src/content/partials/bots/about-plan-bm-subscription.mdx @@ -41,7 +41,7 @@ Additional control - Ability to restrict by path, IP address, and more. Access to bot score, JA3/JA4 fingerprint, bot tags fields, and detection IDs. + Ability to restrict by path, IP address, and more. Access to bot score, JA3/JA4 fingerprint, bot tags fields, and detection IDs. diff --git a/src/content/partials/bots/bot-analytics-traffic-characteristics.mdx b/src/content/partials/bots/bot-analytics-traffic-characteristics.mdx index e0a62ee4026ad52..ea1d94ecfe5ab65 100644 --- a/src/content/partials/bots/bot-analytics-traffic-characteristics.mdx +++ b/src/content/partials/bots/bot-analytics-traffic-characteristics.mdx @@ -10,4 +10,4 @@ Pay specific attention to: * Traffic from Outlook or Office user-agents. * Traffic from cloud-based Secure Web Gateways (ASNs labeled with the proxy provider). * Traffic from on-premises forward proxies. -* Whether requests come from a predictable IP address and ASN, or have a similar [JA3 fingerprint](/bots/concepts/ja3-ja4-fingerprint/). +* Whether requests come from a predictable IP address and ASN, or have a similar [JA3 fingerprint](/bots/additional-configurations/ja3-ja4-fingerprint/). diff --git a/src/content/partials/bots/bots-jsd.mdx b/src/content/partials/bots/bots-jsd.mdx index 450ff8dec6a276a..0db49de66e6f82f 100644 --- a/src/content/partials/bots/bots-jsd.mdx +++ b/src/content/partials/bots/bots-jsd.mdx @@ -3,4 +3,4 @@ --- -The [**JavaScript Detections (JSD)**](/bots/reference/javascript-detections/) engine identifies headless browsers and other malicious fingerprints. This engine performs a lightweight, invisible JavaScript injection on the client side of any request while honoring our [strict privacy standards](https://www.cloudflare.com/privacypolicy/). We do not collect any personally identifiable information during the process. The JSD engine either blocks, challenges, or passes requests to other engines. +The [**JavaScript Detections (JSD)**](/bots/additional-configurations/javascript-detections/) engine identifies headless browsers and other malicious fingerprints. This engine performs a lightweight, invisible JavaScript injection on the client side of any request while honoring our [strict privacy standards](https://www.cloudflare.com/privacypolicy/). We do not collect any personally identifiable information during the process. The JSD engine either blocks, challenges, or passes requests to other engines. diff --git a/src/content/partials/bots/cf-clearance-cookie.mdx b/src/content/partials/bots/cf-clearance-cookie.mdx index 6eb65a573c38dc1..d395290564350e8 100644 --- a/src/content/partials/bots/cf-clearance-cookie.mdx +++ b/src/content/partials/bots/cf-clearance-cookie.mdx @@ -5,7 +5,7 @@ :::note -[JavaScript detections](/bots/reference/javascript-detections/) are stored in the `cf_clearance` cookie. +[JavaScript detections](/bots/additional-configurations/javascript-detections/) are stored in the `cf_clearance` cookie. The `cf_clearance` cookie cannot exceed the maximum size of 4096 bytes. ::: \ No newline at end of file diff --git a/src/content/partials/bots/firewall-variables.mdx b/src/content/partials/bots/firewall-variables.mdx index 1cc6a78a2c2c685..b7a1c0ac1928498 100644 --- a/src/content/partials/bots/firewall-variables.mdx +++ b/src/content/partials/bots/firewall-variables.mdx @@ -6,7 +6,7 @@ Bot Management provides access to several [new variables](/ruleset-engine/rules- - **Bot Score** (`cf.bot_management.score`): An integer between 1-99 that indicates [Cloudflare's level of certainty](/bots/concepts/bot-score/) that a request comes from a bot. - **Verified Bot** (`cf.bot_management.verified_bot`): A boolean value that is true if the request comes from a good bot, like Google or Bing. Most customers choose to allow this traffic. For more details, see [Traffic from known bots](/waf/troubleshooting/faq/#how-does-the-waf-handle-traffic-from-known-bots). -- **Serves Static Resource** (`cf.bot_management.static_resource`): An identifier that matches [file extensions](/bots/reference/static-resources/) for many types of static resources. Use this variable if you send emails that retrieve static images. -- **ja3Hash** (`cf.bot_management.ja3_hash`) and **ja4** (`cf.bot_management.ja4`): A [**JA3/JA4 fingerprint**](/bots/concepts/ja3-ja4-fingerprint/) helps you profile specific SSL/TLS clients across different destination IPs, Ports, and X509 certificates. +- **Serves Static Resource** (`cf.bot_management.static_resource`): An identifier that matches [file extensions](/bots/additional-configurations/static-resources/) for many types of static resources. Use this variable if you send emails that retrieve static images. +- **ja3Hash** (`cf.bot_management.ja3_hash`) and **ja4** (`cf.bot_management.ja4`): A [**JA3/JA4 fingerprint**](/bots/additional-configurations/ja3-ja4-fingerprint/) helps you profile specific SSL/TLS clients across different destination IPs, Ports, and X509 certificates. - **Bot Detection IDs** (`cf.bot_management.detection_ids`): List of IDs that correlate to the Bot Management heuristic detections made on a request (you can have multiple heuristic detections on the same request). - **Verified Bot Categories** (`cf.verified_bot_category`): A string that allows you to segment your verified bot traffic by its [type and purpose](/bots/concepts/bot/verified-bots/categories/). diff --git a/src/content/partials/bots/get-started-pro-biz-steps.mdx b/src/content/partials/bots/get-started-pro-biz-steps.mdx index 43d2fdfb687a415..643f29cda0c199f 100644 --- a/src/content/partials/bots/get-started-pro-biz-steps.mdx +++ b/src/content/partials/bots/get-started-pro-biz-steps.mdx @@ -11,8 +11,8 @@ To start using Super Bot Fight Mode: Choose how your domain should respond to various types of traffic: - For more details on verified bots, refer to [Verified Bots](/bots/concepts/bot/#verified-bots). - - For more details on supported file types, refer to [Static resource protection](/bots/reference/static-resources/). - - For more details on invisible code injection, refer to [JavaScript detections](/bots/reference/javascript-detections/). + - For more details on supported file types, refer to [Static resource protection](/bots/additional-configurations/static-resources/). + - For more details on invisible code injection, refer to [JavaScript detections](/bots/additional-configurations/javascript-detections/). :::caution[Warning] diff --git a/src/content/partials/bots/ja3-ja4-null.mdx b/src/content/partials/bots/ja3-ja4-null.mdx index 2add73035242562..0d635667074dae1 100644 --- a/src/content/partials/bots/ja3-ja4-null.mdx +++ b/src/content/partials/bots/ja3-ja4-null.mdx @@ -3,6 +3,6 @@ --- -The [JA3/JA4 fingerprint](/bots/concepts/ja3-ja4-fingerprint/) can be null or empty in some cases. The most common case is for HTTP requests because JA3 and JA4 are calculated in TLS. It can also be empty due to the Worker sending requests within the same zone or to a zone that is not proxied (or a third party). +The [JA3/JA4 fingerprint](/bots/additional-configurations/ja3-ja4-fingerprint/) can be null or empty in some cases. The most common case is for HTTP requests because JA3 and JA4 are calculated in TLS. It can also be empty due to the Worker sending requests within the same zone or to a zone that is not proxied (or a third party). [Orange to Orange (O2O)](/cloudflare-for-platforms/cloudflare-for-saas/saas-customers/) should not cause null or empty JA3 or JA4 fingerprints, unless the eyeball zone is routing traffic to the target zone using a Worker. \ No newline at end of file diff --git a/src/content/partials/bots/javascript-detections-implementation.mdx b/src/content/partials/bots/javascript-detections-implementation.mdx index e0a510377c7381a..313d4c86bea3abc 100644 --- a/src/content/partials/bots/javascript-detections-implementation.mdx +++ b/src/content/partials/bots/javascript-detections-implementation.mdx @@ -14,7 +14,7 @@ When adding this field to WAF custom rules, use it: ### Prerequisites * You must have JavaScript detections enabled on your zone. -* You must have [updated your Content Security Policy headers](/bots/reference/javascript-detections/#if-you-have-a-content-security-policy-csp) for JavaScript detections. +* You must have [updated your Content Security Policy headers](/bots/additional-configurations/javascript-detections/#if-you-have-a-content-security-policy-csp) for JavaScript detections. * You must not run this field on websocket endpoints. * You must use the field in a custom rules expression that expects only browser traffic. * The action should always be a managed challenge in case a legitimate user has not received the challenge for network or browser reasons. diff --git a/src/content/partials/bots/rss-labels.mdx b/src/content/partials/bots/rss-labels.mdx index e5ac2387128b4ce..d22a3e39d0192af 100644 --- a/src/content/partials/bots/rss-labels.mdx +++ b/src/content/partials/bots/rss-labels.mdx @@ -2,6 +2,6 @@ {} --- -[Bot Fight Mode](/bots/get-started/free/) will not block requests to endpoints labeled as `cf-rss-feed`. +[Bot Fight Mode](/bots/get-started/bot-fight-mode/) will not block requests to endpoints labeled as `cf-rss-feed`. -[Super Bot Fight Mode rules](/bots/get-started/pro/#ruleset-engine) will not match or challenge requests labeled as `cf-rss-feed`. \ No newline at end of file +[Super Bot Fight Mode rules](/bots/get-started/super-bot-fight-mode/#ruleset-engine) will not match or challenge requests labeled as `cf-rss-feed`. \ No newline at end of file diff --git a/src/content/partials/speed/brotli-compression-warning.mdx b/src/content/partials/speed/brotli-compression-warning.mdx index 26fa4d59d9db266..eea0423d3f16e37 100644 --- a/src/content/partials/speed/brotli-compression-warning.mdx +++ b/src/content/partials/speed/brotli-compression-warning.mdx @@ -14,7 +14,7 @@ Even when using the same compression algorithm end to end (between your origin s - [Mirage](/speed/optimization/images/mirage/) - [Polish](/images/polish/) - [Rocket Loader](/speed/optimization/content/rocket-loader/) -- [JavaScript detections](/bots/reference/javascript-detections/) +- [JavaScript detections](/bots/additional-configurations/javascript-detections/) - [RUM](/speed/speed-test/run-speed-test/#enable-real-user-monitoring-rum) To disable these settings for specific URI paths, create a [configuration rule](/rules/configuration-rules/).