Fortinet Document Library

Version:


Table of Contents

User Guide

Download PDF
Copy Link

Biometrics Based Detection

By checking the client events such as mouse movement, keyboard, screen touch, and scroll, etc in specified period, FortiWeb Cloud judges whether the request comes from a human or from a bot.

  1. Go to BOT MITIGATION > Biometrics Based Detection.
    You must have already enabled this module in Add Modules. See How to add or remove a module.
  2. Configure these settings.
    Monitor Client Events

    Select at least one client event according to your need.

    • Mouse Movement
    • Click
    • Keyboard
    • Screen Touch
    • Scroll
    Event Collection Period Specify the time period that the events will be collected from the client.
    Bot Effective Time For the identified bot, choose the time period before FortiWeb Cloud tests and verifies the bot again.
  3. Click +Create Rule.
  4. For URL, enter the literal URL, such as /index.php, or a regular expression, such as ^/*.php that the HTTP request must contain in order to match the rule. Multiple URLs are supported.
  5. Click OK.
  6. Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
    To configure the actions, you must first enable the Advanced Configuration in Global > Settings.

    Alert

    Accept the request and generate an alert email and/or log message.

    Alert & Deny

    Block the request (or reset the connection) and generate an alert email and/or log message.

    Deny(no log)

    Block the request (or reset the connection).

  7. Click SAVE.

Biometrics Based Detection

By checking the client events such as mouse movement, keyboard, screen touch, and scroll, etc in specified period, FortiWeb Cloud judges whether the request comes from a human or from a bot.

  1. Go to BOT MITIGATION > Biometrics Based Detection.
    You must have already enabled this module in Add Modules. See How to add or remove a module.
  2. Configure these settings.
    Monitor Client Events

    Select at least one client event according to your need.

    • Mouse Movement
    • Click
    • Keyboard
    • Screen Touch
    • Scroll
    Event Collection Period Specify the time period that the events will be collected from the client.
    Bot Effective Time For the identified bot, choose the time period before FortiWeb Cloud tests and verifies the bot again.
  3. Click +Create Rule.
  4. For URL, enter the literal URL, such as /index.php, or a regular expression, such as ^/*.php that the HTTP request must contain in order to match the rule. Multiple URLs are supported.
  5. Click OK.
  6. Select the action that FortiWeb Cloud takes when it detects a violation of the rule from the top right corner.
    To configure the actions, you must first enable the Advanced Configuration in Global > Settings.

    Alert

    Accept the request and generate an alert email and/or log message.

    Alert & Deny

    Block the request (or reset the connection) and generate an alert email and/or log message.

    Deny(no log)

    Block the request (or reset the connection).

  7. Click SAVE.