Fortinet Document Library

Version:


Table of Contents

User Guide

Download PDF
Copy Link

Bot Deception

To prevent bot deception, you can configure to insert link into HTML type response pages. For regular clients, the link is invisible, while for malicious bots like web crawler, they may request the resources which the invisible link points at.

To configure bot deception

  1. Go to BOT MITIGATION > Bot Deception.
    You must have already enabled this module in Add Modules. See How to add or remove a module.
  2. For Deception URL, specify the deception URL to be inserted in the HTML response page, which can be either an absolute path or a relative path.
  3. Click +Create Rule to enter the literal URL, such as /index.php, or a regular expression, such as ^/*.php that the HTTP request must contain in order to match the rule. Multiple URLs are supported.
  4. Click OK.
  5. Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
    To configure the actions, you must first enable the Advanced Configuration in Global > Settings.

    Alert

    Accept the request and generate an alert email and/or log message.

    Alert & Deny

    Block the request (or reset the connection) and generate an alert email and/or log message.

    Deny(no log)

    Block the request (or reset the connection).

    Period Block

    Block subsequent requests from the client for 10 minutes.

  6. Click SAVE.

Bot Deception

To prevent bot deception, you can configure to insert link into HTML type response pages. For regular clients, the link is invisible, while for malicious bots like web crawler, they may request the resources which the invisible link points at.

To configure bot deception

  1. Go to BOT MITIGATION > Bot Deception.
    You must have already enabled this module in Add Modules. See How to add or remove a module.
  2. For Deception URL, specify the deception URL to be inserted in the HTML response page, which can be either an absolute path or a relative path.
  3. Click +Create Rule to enter the literal URL, such as /index.php, or a regular expression, such as ^/*.php that the HTTP request must contain in order to match the rule. Multiple URLs are supported.
  4. Click OK.
  5. Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
    To configure the actions, you must first enable the Advanced Configuration in Global > Settings.

    Alert

    Accept the request and generate an alert email and/or log message.

    Alert & Deny

    Block the request (or reset the connection) and generate an alert email and/or log message.

    Deny(no log)

    Block the request (or reset the connection).

    Period Block

    Block subsequent requests from the client for 10 minutes.

  6. Click SAVE.