Cloudflare API | Bot Management › Update Zone Bot Management Config

See Bot Plans for more information on the different plans
If you recently upgraded or downgraded your plan, refer to the following examples to clean up old configurations. Copy and paste the example body to remove old zone configurations based on your current plan.

Clean up configuration for Bot Fight Mode plan

{
  "sbfm_likely_automated": "allow", 
  "sbfm_definitely_automated": "allow", 
  "sbfm_verified_bots": "allow", 
  "sbfm_static_resource_protection": false, 
  "optimize_wordpress": false, 
  "suppress_session_score": false
}

Clean up configuration for SBFM Pro plan

{
  "sbfm_likely_automated": "allow", 
  "fight_mode": false 
}

Clean up configuration for SBFM Biz plan

{
  "fight_mode": false
}

Clean up configuration for BM Enterprise Subscription plan

It is strongly recommended that you ensure you have custom rules in place to protect your zone before disabling the SBFM rules. Without these protections, your zone is vulnerable to attacks.

{
  "sbfm_likely_automated": "allow", 
  "sbfm_definitely_automated": "allow", 
  "sbfm_verified_bots": "allow", 
  "sbfm_static_resource_protection": false, 
  "optimize_wordpress": false, 
  "fight_mode": false
}

Security

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example: Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

Accepted Permissions (at least one required)

Bot Management Write

path Parameters

zone_id: string

(maxLength: 32)

Identifier.

Response fields

errors: Array<{ code, message, documentation_url, 1 more... }>

messages: Array<{ code, message, documentation_url, 1 more... }>

success: true

Whether the API call was successful.

result:

BotFightModeConfiguration

SuperBotFightModeDefinitelyConfiguration

SuperBotFightModeLikelyConfiguration

| 1 more...

Optional

Request example

curl https://api.cloudflare.com/client/v4/zones/$ZONE_ID/bot_management \
    -X PUT \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
    -d '{
          "ai_bots_protection": "block",
          "cf_robots_variant": "policy_only",
          "crawler_protection": "enabled",
          "enable_js": true,
          "fight_mode": true
        }'

200Example

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": {
    "ai_bots_protection": "block",
    "cf_robots_variant": "policy_only",
    "crawler_protection": "enabled",
    "enable_js": true,
    "fight_mode": true,
    "is_robots_txt_managed": false,
    "stale_zone_configuration": {
      "optimize_wordpress": true,
      "sbfm_definitely_automated": "sbfm_definitely_automated",
      "sbfm_likely_automated": "sbfm_likely_automated",
      "sbfm_static_resource_protection": "sbfm_static_resource_protection",
      "sbfm_verified_bots": "sbfm_verified_bots",
      "suppress_session_score": true
    },
    "using_latest_model": true
  }
}

Domain types

BotFightModeConfiguration = { ai_bots_protection, cf_robots_variant, crawler_protection, 5 more... }

SubscriptionConfiguration = { ai_bots_protection, auto_update_model, bm_cookie_enabled, 7 more... }

SuperBotFightModeDefinitelyConfiguration = { ai_bots_protection, cf_robots_variant, crawler_protection, 8 more... }

SuperBotFightModeLikelyConfiguration = { ai_bots_protection, cf_robots_variant, crawler_protection, 9 more... }

Bot Management

Feedback

bot_management.feedback

Methods

List Zone Feedback Reports -> Array<

FeedbackReport

get/zones/{zone_id}/bot_management/feedback

Returns all feedback reports previously submitted for the specified zone. Feedback reports help improve detection by sharing samples of traffic that were misclassified as bots or humans.

Submit A Feedback Report ->

post/zones/{zone_id}/bot_management/feedback

Submit a feedback report for the specified zone. Use type to indicate whether the report is a false positive (good traffic flagged as bot) or a false negative (bot traffic missed). Furthermore, you can also use expression as a wirefilter to identify the affected traffic sample.

See more accepted API fields and expression types at https://developers.cloudflare.com/bots/concepts/feedback-loop/#api-fields and https://developers.cloudflare.com/bots/concepts/feedback-loop/#expression-fields, respectively.

Domain types

FeedbackReport = { description, expression, first_request_seen_at, 8 more... }

FeedbackType = "false_positive" | "false_negative"

Type of feedback report.

MetricRequests = { metric, requests }

RequestsByAttribute = Record<string, Array<

MetricRequests

Top attributes contributing to the feedback sample. Keys include topASNs, topCountries, topHosts, topIPs, topJA3Hashes, topJA4s, topPaths, topUserAgents.

RequestsByScore = Record<string, number>

Map of bot scores (1-99) to request counts. Sum must equal requests.

RequestsByScoreSrc = Record<string, number>

Map of score source to request counts. Sum must equal requests.