Reference
Best Practices - Path Syntax
Pattern-match syntax:
- An asterisk * matches any sequence of zero or more characters.
- A question-mark ? matches any single character.
For example, to find the word 'food' in the middle of a string, you must put asterisks before and after it:
- '*food*' matches both 'bird food' and 'food for birds'.
- 'food*' (single asterisk) only matches 'food for birds'.
- 'food' (no asterisks) does not match either one.
If a pattern expression does not match all of the characters in a target string (either exactly or by * or ?), the pattern reports no match.
Example query URL:
/catalog/socks?color=red&region=emea&n=20
Example URL path match:
All pages that start with /catalog/ (note each / matters)
/catalog/*
Example URL query parameter matches:
Query-string must include region=emea
(^|[^\w])region=emea([^\w]|$)
Query-string must include region=emea OR region=latam
(^|[^\w])region=(emea|latam)([^\w]|$)
Query-string must include region=emea OR region=latam in any mix of UPPER- and lower-case letters, like region=LatAm
(?i)(^|[^\w])region=(emea|latam)([^\w]|$)
Query-string must either be empty or include region=emea
(^$|(^|[^\w])region=emea([^\w]|$))
Incorrect Usage (matches unwanted text)
Query-string must include region=emea
region=emea
This example also matches the unintended parameter testregion=emea.
Match URL Query Parameters (and other regular-expression matches)
Basic regular-expression (regex) syntax:
- A period . matches any single character.
- A period followed by an asterisk .* matches any sequence of zero or more characters.
- [abc] and [^pqr] match respectively any character in or not-in the list.
- [0-7] matches digits 0-7 inclusive.
- By default, regex reports partial matches. For example, the regex 'food' matches both 'bird food' and 'food for birds'. To prevent a partial match, use a caret ^ at the left and/or dollar-sign $ at the right to force matches at the start or end of the target string. For example, ^food matches 'food for birds' and food$ matches 'bird food', while ^food$ only matches 'food' by itself with nothing preceding or following those four letters.
- To match multiple distinct words, separate them by pipe symbols | and surround the set with parentheses (). For example, enter ^(food|drink|toothp.*)$ to match any string that is exactly 'food' or 'drink', or anything that starts with 'toothp', such as 'toothpick' or 'toothpaste'.
- Regular expressions have many additional powerful features, such as a? to match zero-or-one letter 'a'.
This system supports most RE2 or TCL ARE regular expression syntax. For a full description of features, use a search engine to search for 'RE2 syntax'.
JavaScript (ECMAScript) uses very similar syntax, but differs in a few ways. For comparison information, use a search engine to search for 'cmcdragonkai regular expression comparison'.
For endpoint matches, use regex syntax common to RE2 and JavaScript. The exception is (?i), which is specially handled for you.
When you look for several different words, for best performance, use a single regex like (red|blue|green) rather than searching for each word separately.
When you use regex, be aware of partial matching. For example, to match a URL path starting with /mobile you must enter ^/mobile, otherwise paths such as '/docs/mobile-info.htm' (/mobile in the middle) also match.
For regex endpoint matching:
- To ignore letter-case, prepend (?i) to your expression. For example, enter '(?i)^food'.
- Use only regex syntax common between RE2, TCL ARE, and JavaScript. The exception is (?i), which Bot Defense handles specially.
- Be aware of matching at word boundaries. The syntax [^\w] works in all cases. For example, to find the word 'head' by itself, possibly surrounded by punctuation as with '<head>' but NOT embedded in a longer word like 'sleepyhead' or 'headlamp', enter (^|[^\w])head([^\w]|$). To match the word 'head' or the empty string, which is often useful with URL query strings, use (^$|(^|[^\w])head([^\w]|$)).
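The difference between whole-string pattern matching and partial regex matching, and the effect of the [^\w] boundaries, can be checked locally before a pattern is used for an endpoint. The following is an added example, not part of the original page and not Bot Defense code: globMatch, regexMatch, report and the sample query strings are constructed for illustration, and the (?i) prefix is emulated with JavaScript's "i" flag as an assumption.

```javascript
// Added example for local testing; not Bot Defense code.
// Path pattern-match: * is zero or more characters, ? is exactly one.
// The pattern must cover the whole target, so both ends are anchored.
function globMatch(pattern, target) {
  const body = pattern
    .replace(/[.+^${}()|[\]\\]/g, '\\$&') // escape regex metacharacters except * and ?
    .replace(/\*/g, '.*')
    .replace(/\?/g, '.');
  return new RegExp('^' + body + '$', 's').test(target);
}

// Regex match: partial unless anchored. JavaScript has no inline (?i), so a
// leading (?i) is emulated with the "i" flag (assumed equivalent behaviour).
function regexMatch(pattern, target) {
  const ci = pattern.startsWith('(?i)');
  return new RegExp(ci ? pattern.slice(4) : pattern, ci ? 'i' : '').test(target);
}

// Query-string patterns taken from the page.
const PATTERNS = {
  naive: 'region=emea',
  bounded: '(^|[^\\w])region=emea([^\\w]|$)',
  eitherCi: '(?i)(^|[^\\w])region=(emea|latam)([^\\w]|$)',
  emptyOr: '(^$|(^|[^\\w])region=emea([^\\w]|$))',
};

// Constructed query strings (the part of the URL after "?").
const SAMPLES = ['color=red&region=emea&n=20', 'testregion=emea',
                 'region=emeaX', 'region=LatAm', ''];

// One row per sample: which of the page's patterns report a match.
function report() {
  return SAMPLES.map((query) => {
    const row = { query };
    for (const [name, re] of Object.entries(PATTERNS)) row[name] = regexMatch(re, query);
    return row;
  });
}

console.table(report());
console.log(globMatch('/catalog/*', '/catalog/socks'));       // path pattern, whole string
console.log(globMatch('/catalog/*', '/docs/catalog/socks'));  // prefix differs
console.log(regexMatch('/mobile', '/docs/mobile-info.htm'));  // unanchored regex
console.log(regexMatch('^/mobile', '/docs/mobile-info.htm')); // anchored regex
```

Only the unanchored region=emea pattern reports a match for testregion=emea and region=emeaX; the bounded forms reject both.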
Endpoint Labels
Use endpoint labels to allow more granular attack intent identification and reporting when Bot Defense detects automation.
Category | Label | Description |
---|---|---|
Authentication | Login | When credentials are provided to gain access to a saved account. |
Authentication | Login MFA | When multi-factor authentication is used to gain access to a saved account. |
Authentication | Login for Channel Partner | Login to a saved account occurs through a partner via a different channel. |
Authentication | Logout | When a session ends or saved account is exited. |
Authentication | Token Refresh | Session remains valid; login is not requested again to access a saved account. |
Account Management | Account Creation | When an account is created (for example, at a department store, a restaurant, or with a ride-share service). |
Account Management | Password Reset | When a password is reset. |
Profile Management | Profile Creation | When a new user profile has been created; some accounts allow for multiple profiles to be added (for example, health insurance with dependents). |
Profile Management | Profile Update | When profile information (may contain personal or sensitive information, such as password, email, or payment info) is updated. |
Profile Management | Profile View | When profile information (may contain personal or sensitive information, such as password, email, payment info) is viewed. |
Shopping & Gift Cards | Add to Cart | When an item has been added to the shopping cart. |
Shopping & Gift Cards | Promo Code Validation | When a promotional code is validated. |
Shopping & Gift Cards | Checkout | When payment is submitted for items in the cart. |
Shopping & Gift Cards | Payment / Billing | When payment/billing information is added. |
Shopping & Gift Cards | Order Submit | When an order is submitted to the vendor to be fulfilled. |
Shopping & Gift Cards | Price Inquiry | When a price inquiry is submitted for a product, insurance, quote, and so on. |
Shopping & Gift Cards | Purchase a Gift Card | When a gift card is purchased for a specified amount. |
Shopping & Gift Cards | Update Quantity | When the cart quantity for an item has been updated. |
Shopping & Gift Cards | Select Seat(s) | When a seat (for a flight, concert, movie hall, sporting event) has been selected. |
Shopping & Gift Cards | Enter Drawing Submission | Used to submit entry for a drawing or lottery. |
Shopping & Gift Cards | Gift Card Validation | Used when validating a gift card value. |
Shopping & Gift Cards | Purchase with Gift Card | When a gift card number is entered as a payment option during checkout. This is also another way that can be used to validate the value on a gift card. |
Financial Services | Apply for a Financial Service Account | When an application for a new credit card account, retirement account, or bank account has been submitted. |
Financial Services | Money Transfer | When a money transfer from one account to another has occurred. |
Search | Flight Search | Used to search for open seats on a flight. |
Search | Product Search | Used to search for a specific product. |
Search | Room Search | Used to search for room availability. |
Search | Reservation Search | Used to search to book a sports reservation, concert, and so on. |
Flight | Check into Flight | Used for online flight check-ins. |