Implementation methods
2 min read
Though most customers choose to implement bot management through Firewall rules, Cloudflare actually makes various bot signals available in several different products.
Firewall
Bot Management provides access to several new variables within the Firewall expression builder.
- Bot Score (
cf.bot_management.score
): An integer between 1-99 that indicates Cloudflare’s level of certainty that a request comes from a bot. - Verified Bot (
cf.bot_management.verified_bot
): A boolean value that is true if the request comes from a good bot, like Google or Bing. Most customers choose to allow this traffic. For more details, see Traffic from known bots. - Serves Static Resource (
cf.bot_management.static_resource
): An identifier that matches file extensions for many types of static resources. Use this variable if you send emails that retrieve static images. - ja3Hash (
cf.bot_management.ja3_hash
): A JA3 Fingerprint helps you profile specific SSL/TLS clients across different destination IPs, Ports, and X509 certificates. - Bot Detection IDs (
cf.bot_management.detection_ids
): List of IDs that correlate to the Bot Management heuristic detections made on a request (you can have multiple heuristic detections on the same request).
Common use cases
You can use Firewall variables in a variety of actions, including:
- Log
- Bypass
- Allow
- Challenge
For a full list of options, refer to Firewall actions.
Workers
These variables are also available as part of the request.cf object via Cloudflare Workers:
request.cf.botManagement.score
request.cf.botManagement.verifiedBot
request.cf.botManagement.staticResource
request.cf.botManagement.ja3Hash
request.cf.botManagement.detectionIds
Common use cases
You might want to do the following based on bot information in Cloudflare Workers:
- Capture score with request (asynchronous warfare).
- Redirect (to other page, application, honeypot, compute).
- Serve alternative content based on score (avoid serving ads to bots with a low score).
- Require additional authentication (for example, token authentication for requests with low score).
- Notify users of low-score logins.
- Check for combinations based on Bot Score and Clearance Cookie (show which bots passed challenges, or which humans got low scores).
For examples that could be useful in building these actions, refer to Workers Examples.
Logs
Once you enable Bot Management, Cloudflare also surfaces bot information in its HTTP requests log fields:
- BotDetectionIDs
- BotScore
- BotScoreSrc
- BotTags
Common use cases
With log information, the main use case is better understanding and analyzing bot traffic.
Unit 2 of 5