Why Are There No Protection Logs for Some Requests Blocked by WAF JavaScript Anti-Crawler Rules?
After you enable the website anti-crawler protection, WAF returns a JavaScript code for the first access request to the domain name to the client browser, and then checks whether the request is from a valid browser or crawler based on the data resolved and returned by the client browser.
The normal detection process of the Website anti-crawler protection is as follows:
- An initial client request to the website is sent to WAF first.
- WAF returns JavaScript code to the client.
- The client resolves the JavaScript code and returns the execution result to WAF.
- WAF checks whether the client of the request is a valid browser based on the result returned by the client.
- If it is valid, WAF sends the request to the origin server.
- If it is invalid, WAF generates an alarm log.
- To enable the anti-crawler protection, the browser on the client must have JavaScript and cookies enabled.
- If JavaScript and cookies are not supported by the client browser, only 1 and 2 can be performed. As a result, the following problems occur:
- The client fails to get the requested pages.
- No logs are recorded in WAF because the client does not send the execution result of parsing the JavaScript code.
Check your services. If your website can be accessed by other means except for a browser, disable anti-crawler protection.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot