This document describes the AI policy module in bot traffic management. This feature is built on Tencent's nearly 20 years of experience in cybersecurity and bot defense. It applies AI models, built based on AI technology and Tencent's experiences in controlling risks and fighting illegal activities, to quickly identify malicious requests and fight against previous, APT, and distributed bots.
Prerequisites
You have purchased a WAF instance and bot traffic management extra pack and enabled bot rule management for WAF-connected domain names.
Protection Configuration
1. Log in to the WAF console and select Configuration center > Bot and application security on the left sidebar.
2. On the Bot and application security page, select the target domain name in the top-left corner and click Bot management.
3. In global settings, click Configure now in the Browser bot defense module section.
4. Click Add to allowlist to add certain URLs to the allowlist to reduce false positives detected by AI.
5. On the AI policy page, you can add URLs to the allowlist, so that core business will not be blocked due to frequent access to core business/callback business. You can also add certain URLs to the allowlist so that they will not be blocked by mistake.
Note:
Here, the allowlist applies only to the AI policy module but not other modules.
Parameter description:
Policy name: Policy name.
Rule description: Policy description.
Allowed URL: URL allowed by the AI policy module, which affects the score of the AI policy module.
On/Off: You can enable/disable an allowlist in the AI policy module. When this option is on, the AI policy module will not add the score of the URL that hits the allowlist. The score will be provided by the threat intelligence module and bot flow statistics module.
6. After configuring the AI policy module, click the configuration page of a certain scenario and click
of the AI policy module.
AI Policy Practical Tutorial
The AI policy module leverages the bot defense experience and the accumulation of the bot attack/defense lab to quickly identify general and APT bots. Therefore, we recommend you enable it and add the business callback API to the allowlist under any circumstances.
