How do Bot Checks work?

By Yair Uziel

Incapsula has the means to validate the identity of your site visitors (whether they are human or bot) by inspecting specific details within their requests - visitor details, statistics, browsers, etc.

In case a visitor behavior is suspected as bot behavior, it will be presented with challenges in escalating order - cookie support test, Javascript challenges and a CAPTCHA challenge.


Using the CAPTCHA challenge is optional:

You can enable it by ticking "Require all other Suspected Bots to pass a CAPTCHA test" (at the Incapsula Management Console> Settings> Security> Bot Access Control).

This feature will help protect your site by preventing unknown bots from getting through.

Was this article helpful?
1 out of 2 found this helpful
Have more questions? Submit a request


  • Avatar

    Is there a way to get a report in a spreadsheet for all of the CAPTCHA challenges specific Incapsula-monitored URLs?  Analysis is difficult with the portal event reporting tool.

  • Avatar

    Any update on the above request? This would be very helpful

Powered by Zendesk