Bot Management variables
Ruleset Engine fields
Bot Management provides access to several new variables within the expression builder of Ruleset Engine-based products such as WAF custom rules.
- Bot Score (
cf.bot_management.score
): An integer between 1-99 that indicates Cloudflare’s level of certainty that a request comes from a bot. - Verified Bot (
cf.bot_management.verified_bot
): A boolean value that is true if the request comes from a good bot, like Google or Bing. Most customers choose to allow this traffic. For more details, see Traffic from known bots. - Serves Static Resource (
cf.bot_management.static_resource
): An identifier that matches file extensions for many types of static resources. Use this variable if you send emails that retrieve static images. - ja3Hash (
cf.bot_management.ja3_hash
): A JA3 Fingerprint helps you profile specific SSL/TLS clients across different destination IPs, Ports, and X509 certificates. - Bot Detection IDs (
cf.bot_management.detection_ids
): List of IDs that correlate to the Bot Management heuristic detections made on a request (you can have multiple heuristic detections on the same request). - Verified Bot Categories (
cf.verified_bot_category
): A string that allows you to segment your verified bot traffic by its type and purpose.
Workers variables
These variables are also available as part of the request.cf object via Cloudflare Workers:
request.cf.botManagement.score
request.cf.botManagement.verifiedBot
request.cf.botManagement.staticResource
request.cf.botManagement.ja3Hash
request.cf.botManagement.js_detection.passed
request.cf.botManagement.detectionIds
request.cf.verifiedBotCategory
Corporate Proxy
The Bot Management Corporate Proxy field contains identified cloud-based corporate proxies and secure web gateways that are Enterprise-only, and provide outbound security services to their clients.
You can access the Corporate Proxy field in custom rules, rate limiting rules, or Workers to provide different security rules for traffic from these sources. You can also exempt them from rules using Bot Management scores.
Examplenot cf.bot_management.verified_bot and not cf.bot_management.static_resource and not cf.bot_management.corporate_proxyand cf.bot_management.score lt 30
Log fields
Once you enable Bot Management, Cloudflare also surfaces bot information in its HTTP requests log fields:
- BotDetectionIDs
- BotScore
- BotScoreSrc
- BotTags