Using advanced client-side detections
The advanced client-side detections feature allows you to detect sophisticated bots that leverage headless browsers such as headless Chrome. You can enable this feature by adding a lightweight JavaScript snippet to your website's HTML.
Once enabled, this feature feeds detections into the SUSPECTED-BOT.HEADLESS, SUSPECTED-BAD-BOT.HEADLESS, and CLIENTSIDE-COOKIE-VALID system signals. To identify that a browser has run the JavaScript, the _fs_cd_cp_<RANDOM STRING> cookie is issued from the customer domain.
Prerequisites
To use advanced client-side detections, you must purchase Bot Management at either the Professional or Premier platform level (it is not available for the Essential platform) or as part of the Security Core, Security Core Plus, or Security Total packaged offering.
Enabling advanced client-side detections
To enable advanced client-side detections for your website, add the following line within the <head> section of your HTML:
<script src="/_fs-ch-1T1wmsGaOgGaSxcX/assets/script.js"></script>Ideally, this line will be placed above all other scripts in your HTML.
NOTE: You can change the name of the script from script.js to another name of your choosing. The script name must end in .js.
