Plans — ProTo learn more about features and functionality, select a plan.
|Plan name||Super Bot Fight Mode|
|Availability||All Pro customers|
|Enablement||Toggle in Firewall > Bots|
|Type of bots detected||Simple bots and headless browsers|
|Actions||Customer chooses whether to allow, block, or challenge|
|Analytics||Limited analytics available in a Bot Report|
|Additional control||Applied to all traffic across a domain|
Bot detection engines
HeuristicsThe Heuristics engine processes all requests. Cloudflare conducts a number of heuristic checks to identify automated traffic, and requests are matched against a growing database of malicious fingerprints.
JSD is completely optional. To adjust your settings, configure Super Bot Fight Mode from Security > Bots.
Notes on detection
Cloudflare uses the
__cf_bm cookie to smooth out the Bot Score and reduce false positives for actual user sessions.
The Bot Management cookie measures a single user’s request pattern and applies it to the machine learning data to generate a reliable Bot Score for all of that user’s requests.
For more details, refer to Cloudflare Cookies.
Bot Fight Mode and Super Bot Fight Mode use the same underlying technology that powers our Bot Management product. Specifically, these products:
- Protect entire domains without endpoint restrictions
- Cannot be customized, adjusted, or reconfigured via firewall rules
Although these products are designed to fight malicious actors on the Internet, they may challenge API or mobile app traffic. For more granular control, upgrade to Bot Management for Enterprise.
How do I get started?
To get started, review our setup guides. If you have any questions, visit the community to engage with other Cloudflare users.