Security & Validation

Bot Detection Policy

The bot detection inbound policy provides a bot score for every request that can be used to determine the likelihood the request came from a bot. The policy can be configured to automatically block traffic with a set score or simply pass along the score for you to respond in other policies or handlers.

Enterprise Feature

This policy is only available as part of our enterprise plans. If you would like to use this in production reach out to us: sales@zuplo.com

Configuration

The configuration shows how to configure the policy in the 'policies.json' document.

{
  "name": "my-bot-detection-inbound-policy",
  "policyType": "bot-detection-inbound",
  "handler": {
    "export": "BotDetectionInboundPolicy",
    "module": "$import(@zuplo/runtime)",
    "options": {
      "blockScoresBelow": 80
    }
  }
}
json

Policy Configuration

name <string> - The name of your policy instance. This is used as a reference in your routes.
policyType <string> - The identifier of the policy. This is used by the Zuplo UI. Value should be bot-detection-inbound.
handler.export <string> - The name of the exported type. Value should be BotDetectionInboundPolicy.
handler.module <string> - The module containing the policy. Value should be $import(@zuplo/runtime).
handler.options <object> - The options for this policy. See Policy Options below.

Policy Options

The options for this policy are specified below. All properties are optional unless specifically marked as required.

blockScoresBelow (required) <number> - The threshold at which bots are automatically blocked.

​Bot Detection Policy

Enterprise Feature

​Configuration

​Policy Configuration

​Policy Options

​Using the Policy

Bot Detection Policy

Configuration

Policy Configuration

Policy Options

Using the Policy