Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html below:

AWS WAF Bot Control rule group

Inspects for bots that are used for advertising purposes. For example, you might use third-party advertising services that need to programmatically access your website.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:advertising and awswaf:managed:aws:bot-control:CategoryAdvertising

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots that are used for archiving purposes. These bots crawl the web and capture content for the purposes of creating archives.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:archiver and awswaf:managed:aws:bot-control:CategoryArchiver

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots that visit the application's website on behalf of a user, to fetch content like RSS feeds or to verify or validate your content.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:content_fetcher and awswaf:managed:aws:bot-control:CategoryContentFetcher

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots that check links within emails that point to the application's website. This can include bots run by businesses and email providers, to verify links in emails and flag suspicious emails.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:email_client and awswaf:managed:aws:bot-control:CategoryEmailClient

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for requests that are generated by bots from the HTTP libraries of various programming languages. These may include API requests that you choose to allow or monitor.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:http_library and awswaf:managed:aws:bot-control:CategoryHttpLibrary

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots that check for broken links.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:link_checker and awswaf:managed:aws:bot-control:CategoryLinkChecker

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for miscellaneous bots that don't match other categories.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:miscellaneous and awswaf:managed:aws:bot-control:CategoryMiscellaneous

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots that are used for monitoring purposes. For example, you might use bot monitoring services that periodically ping your application website to monitor things like performance and uptime.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:monitoring and awswaf:managed:aws:bot-control:CategoryMonitoring

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots from web scraping frameworks, which are used to automate crawling and extracting content from websites.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:scraping_framework and awswaf:managed:aws:bot-control:CategoryScrapingFramework

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for search engine bots, which crawl websites to index content and make the information available for search engine results.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:search_engine and awswaf:managed:aws:bot-control:CategorySearchEngine

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots that scan web applications for vulnerabilities or that perform security audits. For example, you might use a third-party security vendor that scans, monitors, or audits your web application’s security.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:security and awswaf:managed:aws:bot-control:CategorySecurity

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots that are used for search engine optimization. For example, you might use search engine tools that crawl your site to help you improve your search engine rankings.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:seo and awswaf:managed:aws:bot-control:CategorySeo

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for bots that are used by social media platforms to provide content summaries when users share your content.

Rule action, applied only to unverified bots: Block

Labels: awswaf:managed:aws:bot-control:bot:category:social_media and awswaf:managed:aws:bot-control:CategorySocialMedia

For verified bots, the rule group does not match this rule and takes no action, but it adds the bot name and category labeling plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects for artificial intelligence (AI) bots.

This rule applies the action to all matches, regardless of whether the bots are verified or unverified.

Rule action: Block

Labels: awswaf:managed:aws:bot-control:bot:category:ai and awswaf:managed:aws:bot-control:CategoryAI

For verified bots, the rule group matches this rule and takes an action. It additionally adds the bot name and category labeling, the rule labeling, plus the label awswaf:managed:aws:bot-control:bot:verified.

Inspects requests that are not from verified bots for indicators that the client browser might be automated. Automated browsers can be used for testing or scraping. For example, you might use these types of browsers to monitor or verify your application website.

Rule action: Block

Labels: awswaf:managed:aws:bot-control:signal:automated_browser and awswaf:managed:aws:bot-control:SignalAutomatedBrowser

For verified bots, the rule group does not match this rule and does not apply any signal or rule labels.

Inspects requests that are not from verified bots for indicators of data centers that are typically used by bots.

Rule action: Block

Labels: awswaf:managed:aws:bot-control:signal:known_bot_data_center and awswaf:managed:aws:bot-control:SignalKnownBotDataCenter

For verified bots, the rule group does not match this rule and does not apply any signal or rule labels.

Inspects requests that are not from verified bots for user agent strings that don't seem to be from a web browser. This category can include API requests.

Rule action: Block

Labels: awswaf:managed:aws:bot-control:signal:non_browser_user_agent and awswaf:managed:aws:bot-control:SignalNonBrowserUserAgent

For verified bots, the rule group does not match this rule and does not apply any signal or rule labels.

Inspects requests that are not from verified bots with 5 or more requests from a single client in the last 5 minutes that don't include a valid challenge token. For information about tokens, see Token use in AWS WAF intelligent threat mitigation.

It's possible for this rule to match on a request that has a token if requests from the same client have recently been missing tokens.

The threshold that this rule applies can vary slightly due to latency.

This rule handles missing tokens differently from the token labeling: awswaf:managed:token:absent. The token labeling labels individual requests that don't have a token. This rule maintains a count of requests that are missing their token for each client IP, and it matches against clients that go over the limit.

Rule action: Challenge

Labels: awswaf:managed:aws:bot-control:targeted:aggregate:volumetric:ip:token_absent and awswaf:managed:aws:bot-control:TGT_VolumetricIpTokenAbsent

Inspects requests that are not from verified bots that don't include a valid challenge token. For information about tokens, see Token use in AWS WAF intelligent threat mitigation.

Rule action: Count

Labels: awswaf:managed:aws:bot-control:TGT_TokenAbsent

Inspects for an abnormally high number of requests that are not from verified bots that come from a single client session in a 5 minute window. The evaluation is based on a comparison to standard volumetric baselines that AWS WAF maintains using historic traffic patterns.

This inspection only applies when the web request has a token. Tokens are added to requests by the application integration SDKs and by the rule actions CAPTCHA and Challenge. For more information, see Token use in AWS WAF intelligent threat mitigation.

This rule can take 5 minutes to go into effect after you enable it. Bot Control identifies anomalous behavior in your web traffic by comparing the current traffic to traffic baselines that AWS WAF computes.

Rule action: CAPTCHA

Labels: awswaf:managed:aws:bot-control:targeted:aggregate:volumetric:session:high and awswaf:managed:aws:bot-control:TGT_VolumetricSession

The rule group applies the following labels to medium volume and lower volume requests that are above a minimum threshold. For these levels, the rule takes no action, regardless of whether the client is verified: awswaf:managed:aws:bot-control:targeted:aggregate:volumetric:session:medium and awswaf:managed:aws:bot-control:targeted:aggregate:volumetric:session:low.

Inspects for an abnormally high number of requests that are not from verified bots that come from a single client session in a 5 minute window. The evaluation is based on a comparison to standard volumetric baselines that AWS WAF maintains using historic traffic patterns.

This rule indicates the maximum confidence in the assessment.

This inspection only applies when the web request has a token. Tokens are added to requests by the application integration SDKs and by the rule actions CAPTCHA and Challenge. For more information, see Token use in AWS WAF intelligent threat mitigation.

This rule can take 5 minutes to go into effect after you enable it. Bot Control identifies anomalous behavior in your web traffic by comparing the current traffic to traffic baselines that AWS WAF computes.

Rule action: Block

Labels: awswaf:managed:aws:bot-control:targeted:aggregate:volumetric:session:maximum and awswaf:managed:aws:bot-control:TGT_VolumetricSessionMaximum

Inspects the tokens of requests that are not from verified bots for indicators that the client browser might be automated. For more information, see AWS WAF token characteristics.

This inspection only applies when the web request has a token. Tokens are added to requests by the application integration SDKs and by the rule actions CAPTCHA and Challenge. For more information, see Token use in AWS WAF intelligent threat mitigation.

Rule action: CAPTCHA

Labels: awswaf:managed:aws:bot-control:targeted:signal:automated_browser and awswaf:managed:aws:bot-control:TGT_SignalAutomatedBrowser

Inspects requests that are not from verified bots that indicate the presence of a browser extension that assists in automation, such as Selenium IDE. This rule matches whenever a user has this type of extension installed, even if they're not actively using it.

This inspection only applies when the web request has a token. Tokens are added to requests by the application integration SDKs and by the rule actions CAPTCHA and Challenge. For more information, see Token use in AWS WAF intelligent threat mitigation.

Rule action: CAPTCHA

Labels: awswaf:managed:aws:bot-control:targeted:signal:browser_automation_extension and awswaf:managed:aws:bot-control:TGT_SignalBrowserAutomationExtension

Inspects requests that are not from verified bots for inconsistent browser interrogation data. For more information, see AWS WAF token characteristics.

This inspection only applies when the web request has a token. Tokens are added to requests by the application integration SDKs and by the rule actions CAPTCHA and Challenge. For more information, see Token use in AWS WAF intelligent threat mitigation.

Rule action: CAPTCHA

Labels: awswaf:managed:aws:bot-control:targeted:signal:browser_inconsistency and awswaf:managed:aws:bot-control:TGT_SignalBrowserInconsistency

Inspects requests that are not from verified bots for anomalous behavior that’s consistent with distributed, coordinated bot activity. The rule levels indicate the level of confidence that a group of requests are participants in a coordinated attack.

The thresholds that these rules apply can vary slightly due to latency. A few requests might make it through beyond the limit before the rule action is applied.

AWS WAF performs this inspection through machine learning analysis of website traffic statistics. AWS WAF analyzes web traffic every few minutes and optimizes the analysis for the detection of low intensity, long-duration bots that are distributed across many IP addresses.

These rules might match on a very small number of requests before determining that a coordinated attack is not underway. So if you see just a match or two, the results might be false positives. If you see a lot of matches coming out of these rules however, then you're probably experiencing a coordinated attack.

These rules can take up to 24 hours to go into effect after you enable the Bot Control targeted rules with the ML option. Bot Control identifies anomalous behavior in your web traffic by comparing the current traffic to traffic baselines that AWS WAF has computed. AWS WAF only computes the baselines while you're using the Bot Control targeted rules with the ML option, and it can take up to 24 hours to establish meaningful baselines.

We periodically update our machine learning models for these rules, to improve bot predictions. If you notice a sudden and substantial change in the bot predictions that these rules make, contact your account manager or open a case at AWS Support Center.

Rule actions:

• Low: Challenge

• Medium: CAPTCHA

• High: CAPTCHA

Labels: awswaf:managed:aws:bot-control:targeted:aggregate:coordinated_activity:low|medium|high and awswaf:managed:aws:bot-control:TGT_ML_CoordinatedActivityLow|Medium|High

Inspects requests that are not from verified bots for the use of a single token among multiple IPs in the last 5 minutes. Each level has a limit on the number of distinct IPs:

• Low: more than 3

• Medium: more than 4

• High: more than 8

The thresholds that these rules apply can vary slightly due to latency. A few requests might make it through beyond the limit before the rule action is applied.

Rule actions:

• Low: Count

• Medium: CAPTCHA

• High: Block

Labels: awswaf:managed:aws:bot-control:targeted:aggregate:volumetric:session:token_reuse:ip:low|medium|high and awswaf:managed:aws:bot-control:TGT_TokenReuseIpLow|Medium|High

Inspects requests that are not from verified bots for the use of a single token across multiple countries in the last 5 minutes. Each level has a limit on the number of distinct countries:

• Low: more than 1

• Medium: more than 2

• High: more than 3

The thresholds that these rules apply can vary slightly due to latency. A few requests might make it through beyond the limit before the rule action is applied.

Rule actions:

• Low: Count

• Medium: CAPTCHA

• High: Block

Labels: awswaf:managed:aws:bot-control:targeted:aggregate:volumetric:session:token_reuse:country:low|medium|high and awswaf:managed:aws:bot-control:TGT_TokenReuseCountryLow|Medium|High

Inspects requests that are not from verified bots for the use of a single token across multiple networking autonomous system numbers (ASNs) in the last 5 minutes. Each level has a limit on the number of distinct ASNs:

• Low: more than 1

• Medium: more than 2

• High: more than 3

The thresholds that these rules apply can vary slightly due to latency. A few requests might make it through beyond the limit before the rule action is applied.

Rule actions:

• Low: Count

• Medium: CAPTCHA

• High: Block

Labels: awswaf:managed:aws:bot-control:targeted:aggregate:volumetric:session:token_reuse:asn:low|medium|high and awswaf:managed:aws:bot-control:TGT_TokenReuseAsnLow|Medium|High

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4