Bot Protection Components
Bots are software applications that run automated tasks. Barracuda WAF-as-a-Service detects bots and web scrapers and protects against automated attacks carried out by bots.
You can independently control the three components of Bot Protection:
- Bot Attacks – Blocks automated attacks carried out by bots, including referrer spam and comment spam.
- Bot Detection – Add deceptive elements to your application to detect and trap badly-behaved bots. Enable client challenges to check that a user is human.
- Predefined Bots – Block or allow predefined bots that are either potentially hazardous or potentially beneficial to your applications.
Barracuda WAF-as-a-Service calculates a Risk Score for each request and client. This score is based on several factors, including the client’s past requests, any attacks detected, a client fingerprint, and more. It is calculated using a machine learning model. You can customize the effect of certain behaviors on a Risk Score.
- On the Violation Responses - Response Policies page, you can select how much you want to increase the Risk Score for any of the behaviors displayed.
- On the Violation Responses - Policy Options page, in the Client Risk Score Thresholds section, you can select the Risk Score threshold at which Barracuda WAF-as-a-Service challenges the user (for Suspicious Clients), or blocks the user entirely (for Bad Clients).
For additional information, refer to Advanced Bot Protection in the Barracuda Web Application Firewall documentation.