Create additional rules
1 min read
With your first rule in place, you can then create a broader set of rules to protect your application.
If your application is a bit more complex - for example, receiving mobile application traffic and automated API traffic - you may need to layer your bot protection rules for the best results.
The following two rules might be useful for a site protecting against content scraping, or some other form of bots viewing resources intended for humans. Since the order of the rules matters for rule execution, you should always place your allow rules before block or challenge rules.
Rule 1 - Allow mobile app request
Rule 2 - Restrict automated traffic, but exclude /api path
Protect specific endpoints
If bots are submitting data through your forms, your rules may be more focused on protecting specific, more vulnerable endpoints.
Unit 6 of 7