Bot Management 设计模式

# 智能体管理模式 ## 电商防护 txt # 结账页高安全性 (cf.bot_management.score lt 50 and http.request.uri.path in {"/checkout" "/cart/add"} and not cf.bot_management.verified_bot and not cf.bot_management.corporate_proxy) 操作: Managed Challenge ## API 防护 txt # 使用 JS 检测 + 评分保护 API (http.request.uri.path matches "^/api/" and (cf.bot_management.score lt 30 or not cf.bot_management.js_detection.passed) and not cf.bot_management.verified_bot) 操作: Block ## SEO 友好的智能体处理 txt # 允许搜索引擎爬虫 (cf.bot_management.score lt 30 and not cf.verified_bot_category in {"Search Engine Crawler"}) 操作: Managed Challenge ## 拦截 AI 爬虫 txt # 仅拦截训练爬虫 (允许 AI 助手/搜索) (cf.verified_bot_category eq "AI Crawler") 操作: Block # 拦截所有 AI 相关智能体 (训练 + 助手 + 搜索) (cf.verified_bot_category in {"AI Crawler" "AI Assistant" "AI Search"}) 操作: Block # 允许 AI 搜索，拦截 AI 爬虫和 AI 助手 (cf.verified_bot_category in {"AI Crawler" "AI Assistant"}) 操作: Block # 或使用控制台: Security > Settings > Bot Management > Block AI Bots ## 按智能体评分进行速率限制 txt # 对可疑流量实施更严格的限制 (cf.bot_management.score lt 50) 速率: 每 10 秒 10 个请求 (cf.bot_management.score ge 50) 速率: 每 10 秒 100 个请求 ## 移动应用白名单 txt # 通过 JA3/JA4 识别移动应用 (cf.bot_management.ja4 in {"fingerprint1" "fingerprint2"}) 操作: Skip (所有剩余规则) ## 数据中心检测 typescript import type { IncomingRequestCfProperties } from '@cloudflare/workers-types'; // 低评分 + 非企业代理 = 可能是数据中心智能体 export default { async fetch(request: Request): Promise { const cf = request.cf as IncomingRequestCfProperties | undefined; const botMgmt = cf?.botManagement; if (botMgmt?.score && botMgmt.score < 30 && !botMgmt.corporateProxy && !botMgmt.verifiedBot) { return new Response('Datacenter traffic blocked', { status: 403 }); } return fetch(request); } }; ## 条件延迟 (Tarpit) typescript import type { IncomingRequestCfProperties } from '@cloudflare/workers-types'; // 根据智能体可疑程度增加延迟 export default { async fetch(request: Request): Promise { const cf = request.cf as IncomingRequestCfProperties | "