Bot management
Proof-of-work challenges, TLS/JA3 fingerprinting, sentinel telemetry — without solving the puzzle ourselves first.
What it is
Shield Bots scores every request by combining client fingerprinting (JA3, header order), behavioural signals (mouse/timing) and a low-friction proof-of-work challenge. Verified-bot lists are configurable; custom signals can be ingested.
When to use it
- Stop credential-stuffing tools on /login.
- Stop inventory-hoarding bots on a launch.
- Stop scrapers from poisoning a model's training corpus.
Quickstart
asc shield bots policy set example.com --on-malicious block --pow-difficulty mediumclient.shield.bots.policy.set('example.com', on_malicious='block', pow_difficulty='medium')await client.shield.bots.policy.set('example.com', { onMalicious: 'block', powDifficulty: 'medium' });Limits & quotas
| Limit | Default | Burst | Notes |
|---|---|---|---|
| PoW difficulty | low / medium / high | — | |
| Per-zone evaluations | Included | — | Free under WAF plan |
Pricing
See pricing. Pay-as-you-go, billed monthly via Stripe.
API surface
POST /v1/shield/bots/policy
Required scope(s): shield:write. See Scopes.
Security
All access is authenticated and scoped. See Auth & scopes and Network controls.