Cloudflare bot plans
To learn more about features and functionality, select a plan.
|Plan name||Super Bot Fight Mode|
|Availability||All Business customers and Enterprise customers without Bot Management*|
|Enablement||Toggle in Firewall > Bots|
|Type of bots detected||Simple bots, headless browsers, and many sophisticated bots|
|Actions||Customer chooses whether to allow, block, or challenge|
|Analytics||Dedicated Bot Analytics tool, available in the Firewall|
|Additional control||Applied to all traffic across a domain|
*When users purchase Bot Management for Enterprise, Cloudflare automatically replaces and disables other bot products to prevent overlap.
Bot detection engines
The Heuristics engine processes all requests. Cloudflare conducts a number of heuristic checks to identify automated traffic, and requests are matched against a growing database of malicious fingerprints.
The Machine Learning (ML) engine accounts for the majority of all detections, human and bot. This approach leverages our global network, which proxies billions of requests daily, to identify both automated and human traffic. We constantly train the ML engine to become more accurate and adapt to new threats. Most importantly, this engine learns from traffic across all Cloudflare domains and uses these insights to score traffic while honoring our .
The ML engine identifies likely automated traffic.
JSD is completely optional. To adjust your settings, configure Super Bot Fight Mode from Firewall > Bots.
Notes on detection
- Protect entire domains without endpoint restrictions
- Cannot be customized, adjusted, or reconfigured via Firewall Rules