Legitimate Requests include all good traffic, not including the custom Allowlist and allowed known bots and crawlers.
Blocked Requests are all requests blocked by PerimeterX, including the custom Denylist and denied known bots and crawlers.
Enter at least one Block ID in the Investigation Search Bar, and click GO, the Clear Block ID button appears. Clicking the Clear Block ID opens a pop-up.
In the pop-up you can select the Block ID (or portion of) that you wish to clear, and for how long. Confirm that you are sure that you want to clear the selected Block ID.
The Block ID is cleared after you click Confirm.
Note that a Block ID can only be released within 24h of the initial block.
When you configure the Allowlist on a defined object, such as Google crawlers, PerimeterX sets the score of that session to 0, the lowest available risk score. The Enforcer will not block traffic from objects in the Allowlist. Generally, we recommend that traffic from vendors, partners, penetration testing tools, Office Ip/VPN, SEO tools or any other testing tools be included in your Allowlist.
When you configure the Denylist on a defined object, like Anonymous Proxies, PerimeterX will set the score of that session to 100, the highest available risk score. Requests from any object that is added to the Denylist will be blocked.
To add a Custom Rule:
- Navigate to Platform Settings > Policy and open the Access Control tab. There are no default custom rules.
- Click Add Rule. A new line is added to the Custom Rules list.
- Click Description and enter a descriptive name for the new rule. Under Type, click No Action, and select the filter rule: Allowlist or Denylist or No Action.
- Click the down-arrow to expand the rule parameters.
- Add a new rule. Click +Add AND Condition, select the category from the drop-down list and enter the value(s) for that category.
You can add as many filters to the rule as you want.
- Click Add. A new filter is added to the list.
- Click Choose Category to select a category, then enter a value for Config Value.
- Click Apply Changes at the bottom of the page.
PerimeterX Configurations lists the default Allowlist and Denylist items configured by PerimeterX. You can change these items to suit your website needs.
Additionally, Custom Rules can be managed by the Custom Rules API, more information can be found here.
The Reports tab displays two types of reports:
Page Views Report
This report displays site statistics - total page views and bad page views - based on two levels of aggregations. Aggregation levels (Field1 and Field2) can be set by Country, Browser, Custom Parameters, IPs, etc. The report displays the page views that occurred within the configured time range, and have a risk score at or above the selected minimum risk score
CAPTCHA Solved Report
This report lists all solved CAPTCHA events with all relevant information such as Client IP, Visitor ID, Incident Types, and Risk Score. Use Columns control to adjust the required information. The report displays the number of Captchas solved within the configured time range that have a risk score at or above the selected minimum risk score.
Find instructions on how to generate both types of reports in the PerimeterX Knowledge Base.
PerimeterX Bot Defender Dashboard Customization tool allows you to gain more business insights by creating and adapting custom dashboards in accordance with your business needs.
For example, you can prioritize the information about Account Takeover attacks to be first, by creating a new widget and dragging it to the top of the Dashboard. Moreover, you can combine different sets of data, like the general Blocked Requests trend and the Check Out Page Blocked Requests trend.
Learn more about how to create customized dashboards.
It’s important to keep us updated with any upcoming changes in:
- New use case
Having ongoing communication with the PerimeterX success team and security analysts can ensure alignment and performance with your business needs.
In general, whenever the following situations occur, you should alert our team so we can take action:
- Expecting an increase in traffic. Analysts will prepare detections to:
- Minimize false positives
- Minimize false negatives
- Maintain strong identification and blocking of automated malicious attacks
- Expecting hype sale levels of traffic. Since these types of events tend to attract highly sophisticated bots, analysts will help your team prepare.
- Adding new or changing old paths. Analysts can make any necessary adjustments to make sure these paths are protected.
Bot Defender is a behavior-based bot management solution that protects your websites, mobile applications and APIs from a wide variety of automated attacks. Customers use it to prevent account takeover, carding, denial of inventory, scalping, skewed analytics and web scraping. Here are examples of customer use cases.
Want to learn more about Bot Defender? Visit our Knowledge Center.
Updated about 2 months ago