Bot Actions: How to detect behaviours common to bots
Shield Security is focused on helping you detect characteristics and behavior commonly associated with illegitimate bots. To achieve this, we use bot detection rules, or "bot signals".
Signals are just behaviours that bots have which indicate that they could be a bot. With enough of these behaviours, we can detect whether a particular bot is legitimate (good bot) or not.
How to detect behaviors common to bots
Shield's Bot Actions component provides the following effective ways to achieve this:
- Detect and capture login bots
- Detect and capture probing bots
- Detect and capture bad bots with Mouse Trap
- Detect fake web crawler and empty user agents
The all options can be found under the main navigation menu > Bots & IPs Zone > Bot Actions component configuration:
You can decide how you want Shield to respond. You’ll have 4 options to choose from:
- Activity Log Only. This option lets you see the activity of these bots on the Activity Log before applying any offenses or blocks to offenders. It’ll let you test-drive the signal before making it take effect.
- Increment Offense (by 1). This option puts another black mark against an IP. As always with the offense system, once the limit is reached for an IP address, it is blocked from accessing the site.
- Double Offense (by 2). We’ve added the ability to give weight to certain behaviours. By allowing the offense counter to increment by 2, the IP will reach the limit more quickly, and be blocked sooner.
- Immediate block. If you decide that a particular signal on your site is severe enough, you can have Shield immediately mark that IP as blocked.
Read more about the offense limit here and the Automatic IP Blacklist System here.
Hint: You may also want to use HTTP Request Log to review all logs of HTTP requests made to your WordPress site.
We also recommend you to read:
Note: ShieldPRO is required for the certain Bot Actions options. To find out what the extra ShieldPRO features are and how to purchase, please follow this link here.