6.8. Bot Management Security Checks#
Checks for Cloudflare Bot Fight Mode and Turnstile widget configuration.
6.8.1. Check Summary#
Check ID |
Title |
Severity |
Compliance |
|---|---|---|---|
CFL-BOT-001 |
Bot Fight Mode |
medium |
CIS, SOC2, PCI, NIST |
6.8.1.1. CFL-BOT-001: Bot Fight Mode#
Severity: medium | Category: bot
Bot Fight Mode challenges requests identified as automated and definitely not from a human. It is one-click to enable and a useful first line of defense even for zones without a full Bot Management subscription.
Remediation: Use FlareInspect’s recipe to enable Bot Fight Mode, or toggle it on in Security → Bots → Bot Fight Mode.
Warning
Bot Fight Mode may challenge legitimate bots (e.g. uptime monitors, search engine crawlers). Apply the recipe only after testing in log mode if you depend on third-party bots.