Bot Score
最終更新日:2026-03-25 18:13:55
Overview
The system assigns each request that passes through Bot detection a score ranging from =1= to =100=, indicating how likely the request is to originate from a bot. The higher the score, the greater the probability that the request is automated.
For example, a score of =1= indicates that the request is very likely from a human, while =100= indicates that the request is highly likely to be automated.
Bot Score can be passed back to the origin via a custom HTTP request header and used in conjunction with business risk control. For more details, please refer to the Bot Tagging to the Origin Server section.
Bot Score Description
Category |
Score Range |
Description of Values |
|---|---|---|
Definite Bots |
100 |
Clearly indicates requests initiated by automated tools. |
Likely Bots |
80-99 |
Abnormal and suspicious, highly likely initiated by automated tools. |
Likely Human |
1-79 |
Requests may have been initiated by real human users. |
Not Calculated |
0 |
Internal system service requests, not included in detection and calculation. |
Publicly Declared Bots |
- |
Generally non-malicious automated traffic, including AI bots and public bots. |
Note: If a request has already been Skipped or Denied in advance by upstream security policies—such as whitelists, IP/Geo blocking, custom rules, DDoS protection, or rate limiting—it will not enter Bot detection, and no Bot score will be generated.
How the Bot Score Is Generated
The Bot score is automatically generated through a combination of heuristic analysis and machine learning.
You only need to enable the Bot Management feature in the console, and activate both the Definite Bots and Likely Bots detection policies. Once enabled, the system will deeply inspect every request that passes through it and generate a unique Bot score using a weighted algorithm based on multiple risk signals.
Detection Engine |
Detection Principle |
|---|---|
Heuristic |
Based on a rule set built from security experts’ experience.. The system collects various features of access requests in real time and matches them against the Bot intelligence database (cloud vendors, proxies, intelligence risk IP intelligence) and the anomaly detection rule library (such as User-Agent, HTTP headers, TLS fingerprints, etc.) to identify potential automated activities. |
Machine Learning |
Based on data-driven self-learning. The system leverages algorithm models to learn from large volumes of normal data as well as malicious and suspicious data, uncovering anomalies such as group clusters and behavioral chains to identify stealth automated tools disguised as legitimate users. |
In simple terms, the Bot score is the result of combining security expert knowledge, large-scale data analysis, and intelligent algorithms. It is not a “black box.” Each detection dimension has a clear risk weight, and the final score directly reflects the security risk level of the request.
Detailed Detection Dimensions
The system performs a comprehensive evaluation of requests based on multiple factors, including IP intelligence, User-Agent, request headers, fingerprints, and more, and assigns corresponding tags. For more details, please refer to the Bot Tags section.
Current Limitations
Currently, the Bot score is only used in Bot Tagging to the Origin Server and Log Analysis. More high-value use cases will be added in the future to help you manage Bot traffic more effectively.