Tab – Bot Management
Log Only

If enabled, requests from identified bots are only logged but not blocked.

Enforce client cookie support

If enabled, only clients implementing a Cookie-Store will be able to access the application through this mapping. In contrast to regular browsers, most bots do not implement a Cookie-Store and will therefore be blocked if this setting is enabled.

Source IP address allow list

Requests originating from a client (e.g. a bot) with an IP address in the selected list are forwarded whether the client supports a Cookie-Store or not.

Well-Known Bot Exceptions
Check User-Agent

Check the User-Agent to determine if a bot is well-known and do not block such bots. Clients sending one of the following User-Agent header values are treated as well-known bots:

  • Googlebot
  • bingbot
  • MSNBot
  • Baiduspider
  • YandexBot
  • DuckDuckBot
Enforce source-domain

If enabled, a reverse IP lookup for well-known bots is performed to verify that the client's IP address belongs to the operator of a well-known bot. This prevents bots from pretending to be a well-known bot by sending a fake "User-Agent" header. The following domains are considered as domains of operators operating well-known bots:

  • google.com
  • googlebot.com
  • search.msn.com
  • baidu.com
  • baidu.jp
  • yandex.com
  • yandex.net
  • yandex.ru
  • duckduckgo.com
Custom Bot Exceptions
Check User-Agent

If enabled custom bots are not blocked. Custom bots are identified by providing a "User-Agent" and "Source-Domain" pattern.

If "Check User-Agent" and "Enforce source-domain" are enabled, both patterns "User-Agent pattern" and "Source-domain pattern" have to match such that a request is not blocked.

User-Agent pattern

Do not block bots whose "User-Agent" header matches this pattern.

Enforce source-domain

Do not block bots whose source-domain matches the "Source-domain pattern".

Source-domain pattern

The "Source-domain pattern".

Ensure that the pattern ends with a "$" to prevent wrong matches (e.g. the pattern "\.example\.com$" should be used instead of "example.com", since "example.com" would also match "myexample.com", "example.com.otherdomain.org" and "examplexcom.otherdomain.org" etc.).