What Is The silentCAPTCHA Bot Minimum Score Option And How Does It Work?

The silentCAPTCHA Bot Minimum Score option is a part of the Bots & IPs Zone: silentCAPTCHA AntiBot system. You can use it to set the bot minimum score (percentage).

Bot Minimum Score configuration

To configure silentCAPTCHA Bot Minimum Score in Shield, you may go to Shield Security > Security Zones > Bots & IPs zone. When you click Configure next to the silentCAPTCHA component, a configuration sidebar window will open up for you. Here, you'll see all options for the silentCAPTCHA AntiBot technology, silentCAPTCHA Bot Minimum Score.

Access to silentCAPTCHA Bot Minimum Score option

Every IP address accessing your site gets its own unique visitor score - the higher the score, the better the visitor i.e. the more likely it's human.

A score of '0' means it's highly likely to be a bad bot, for example:

A score of '100' would mean it's almost certainly good, for example:

When a bot tries to login, or post a comment, we test its visitor score. If the visitor score fails to meet your minimum bot score, we prevent the request. If its higher, we allow it.

This means: choose a higher minimum score to be more strict and capture more bots (but potentially block someone that appears to be a bot, but isn't). Or choose a lower minimum score to perhaps allow through more bots (but reduce the chances of accidentally blocking legitimate visitors).

How to reset IP Reputation Score

If you need to reset IP Reputation Score for a specific IP address, the easiest way is via the IP Analysis dialog.

In the table, click the IP address you want.

When the IP Analysis dialog opens, choose “Reset For This IP” option. Offense limit and bot signals will reset to zero.

Example

silentCAPTCHA Bot detection scoring improvements

ShieldPRO‘s new silentCAPTCHA system has been a great success so far with its ability to detect bad bots without any CAPTCHAs. As with anything new, there will always be room for enhancement, tweaking and optimising to ensure it works better on more sites.
Some of improvements we’ve made include:

  • Improved Bot Scoring Logic

    We’ve adjusted a lot of scoring logic to help ensure legitimate users don’t get flagged as bots.

    We’ve also improved the system’s ability to pick-up on past user sessions, which help improve NotBot scores for administrators.

  • No More Cookies

    Shield would drop a cookie to assist in tracking which clients had completed the NotBot tests. With a bit of code restructuring, we no longer need to use these cookies

  • Faster NotBot Execution

    Originally we thought putting the NotBot Javascript into the page footer and executing after the page load was a wise optimisation. It actually need to go in the future because the tiny bit of code that is executed is AJAX, it runs in the background and doesn’t block any page rendering for visitors.

    With it being in the footer, there were instances where an admin would try login but the NotBot hadn’t executed in-time, causing the admin to appear to be a bot.

    To address this, we’ve put the NotBot AJAX in the <head> section and it executes immediately.

  • Better Bot Score Reset

    Sometimes it was necessary to reset a bot score through the Shield interface. Previously, when you reset the score it would immediately look to the Block List and pick-up negative signals for the IP and you’d be back to square 1. Not any longer – when you reset the bot score, it’ll also remove the IP from the Block List if it’s there.

Note: You can use the IP Management and Analyse tool to see all information pertaining to an IP address in 1 place. Here, you can also reset Bot Score for that IP address.