Technical Articles
F5 SMEs share good practice.
Showing results for 
Search instead for 
Did you mean: 
Legacy Employee
Legacy Employee


F5 Distributed Cloud (XC) Bot Defense can now be easily integrated into the Cloudflare CDN. The connector instantly integrates with XC Bot Defense to help customers improve their bottom line by eliminating automated bot traffic.  XC Bot Defense has the highest long-term efficacy by combining machine learning with human domain experience to ensure sustained near-zero false positives.

In this article, I will outline the steps to start and take advantage of F5 Bot Defense.


  • An Account on F5 Distributed Cloud Services.
  • A Cloudflare CDN is delivering your applications.

F5 Distributed Cloud Steps:

  • Log In:

Screenshot 2023-03-19 at 6.41.34 PM.png

  •  Select the Bot Defense Tile

Screenshot 2023-03-19 at 6.44.36 PM.png

  •  Scroll down Selecting Manage > Applications

Screenshot 2023-03-19 at 6.58.58 PM.png

  • Click Add Application

Screenshot 2023-03-19 at 6.59.57 PM.png

  • Provide Name, Label and a Description
  • Select the Application Region (US for my demo)
  • Select the Connector Type - Cloudflare (Previous articles covered BIG-IP, CloudFront and Custom)

Screenshot 2023-03-19 at 7.00.32 PM.png

  •  Select Configure once Cloudflare is selected as the Connector Type

Screenshot 2023-03-19 at 7.00.48 PM.png

  •  Select Configure under Protected Endpoints

Screenshot 2023-03-19 at 7.01.10 PM.png

  •  On the Protected Endpoints page click Add Item

Screenshot 2023-03-19 at 7.01.33 PM.png

  • Give the Protected Endpoint a Name and Description
  • Under Domain Matcher you have the option of Any Domain which will match all domains or you can specify the Domain you are protecting.

Screenshot 2023-03-19 at 7.02.09 PM.png

  • I am using Any Domain
  • Next indicate the Path you are protecting; Entry Points and/or Login pages as examples.
  • Query Strings
  • HTTP Methods - Depending on what you are protecting. (GET, POST, PUT)

Screenshot 2023-03-19 at 7.03.07 PM.png

  •  Select the Client Type (Web Client, Mobile Client or Web and Mobile) again depending on your application. Here I will Select Web Client

Screenshot 2023-03-19 at 7.03.33 PM.png

  • Next you will select the Mitigation action. (Continue, Redirect or Block) - I am selecting Block

Screenshot 2023-03-19 at 7.03.54 PM.png

  • Block gives you the ability to indicate Status, Content Type and the displayed Body.
  • Click Apply

Screenshot 2023-03-19 at 7.04.24 PM.png

  • This screen shows the Protected Endpoint now configured.
  • Next we will Specify the Java Script Insertion Rules
  • Click Configure

Screenshot 2023-03-19 at 7.04.43 PM.png

  • The Web Client Java Script Path and name can be configured here.
  • The Java Script Location is where the Java Script is inserted on your Web Application.

Screenshot 2023-03-19 at 8.17.53 PM.png

  • Under Java Script Insertion Paths Click Add Item - We will specify where to insert the JS.  You could also configure JS Exclude Paths.
  • Give this a Name and Description
  • Domain Matcher just as before, can be Any Domain or you can Specify a Domain.
  • And finally, the Path (Prefix, Path or Glob) Supply the path to insert the JS.
  • Click ApplyScreenshot 2023-03-19 at 7.05.24 PM.png
  • We now have configured the Web Client JS settings.
  • If we were configuring mobile application protection we would enable Mobile SDK
  • Trusted Client Rules we could specify an IP Prefix and/or HTTP Headers.
  • Click Apply
  • Click Save and Exit

Screenshot 2023-03-19 at 8.27.57 PM.png

  • This takes us back to our main Applications page.
  • Click the three ellipsis to the right.

Screenshot 2023-03-19 at 7.08.07 PM.png

  • Download both the Config file and Worker file to a known location.  We will use these files in the Cloudflare UI.

Screenshot 2023-03-19 at 7.10.24 PM.png

That is all the configuration needed in F5 Distributed Cloud Console.  We will return to monitor our Application after configuring Cloudflare.

Cloudflare Steps:

  • Log In:

Screenshot 2023-03-19 at 8.52.06 PM.png

  •  Navigate down to Workers

From this page, you would either select an existing Service if one existed or Create a Service.  I am showing how to Create a Service.

  • Click Create a Service
  • Cloudeflare assigns a name.

Screenshot 2023-03-20 at 8.42.42 AM.png

  •  Select HTTP handler
  • Then Create Service

 Screenshot 2023-03-20 at 8.42.54 AM.png

  • Click on your newly created Service

Screenshot 2023-03-20 at 8.46.06 AM.png

  • Click Quick Edit

Screenshot 2023-03-20 at 8.43.29 AM.png


  • Notice on the left the code would deploy a worker that returns "Hello World"

Screenshot 2023-03-20 at 8.43.41 AM.png

But we need to assign the worker to a Website.  Return to the main menu and select Websites.

  • We have a Website already configured. Select the preconfigured Website.  We could Add a Site if one was not already configured.

Screenshot 2023-03-20 at 8.46.19 AM.png


  • This will take you to the Website Summary Page.

Screenshot 2023-03-20 at 8.46.30 AM.png


  • Select Workers Routes on the Left Pane
  • Then Click Add Route

Screenshot 2023-03-20 at 8.46.45 AM.png

  • Cloudflare shows the Website Route but it is greyed out.  Type the Route.
  • Select the Service you created in the last steps.
  • Select the Environment
  • Click Save

Screenshot 2023-03-20 at 8.48.47 AM.png


This will return you to the Workers Routes page.  It will show the Service was added to the HTTP Routes.

Screenshot 2023-03-20 at 8.49.05 AM.png


Next we need to test and verify the Worker is returning what we are expecting. Remember above, it should return "Hello World"

Screenshot 2023-03-20 at 8.51.04 AM.png

This shows our website and worker are working as expected.  Now we will configure our Worker to protect the actual website with F5 Distributed Cloud Bot Defense.

  • Navigate back to your Worker and Select Quick Edit.

Screenshot 2023-03-20 at 8.52.06 AM.png


Here we will use the files we downloaded from F5 Distributed Cloud Console.

  • The Worker file is the .js file you downloaded.
  • The Config file is the .json file you downloaded
  • Open both files in the editor of your choice
  • Copy the entire contents of the Worker file and replace the contents in the left hand pane

Screenshot 2023-03-20 at 8.53.18 AM.png



  • Copy the entire contents of the Config file and replace the contents in the left hand pane under XC Configuartion -- "_CONFIG_"
  • Click Save and Deploy at the bottom.

Screenshot 2023-03-19 at 9.42.22 PM.png


  • You will recieve a succesful message if the Worker depoys suceesfully.  If not it returns an error.

Screenshot 2023-03-20 at 8.56.11 AM.png

  • Now is the time to prove all the prior work.
  • Navigate back to  If you have configured everything correcty, you should get your website to return as below.

Screenshot 2023-03-20 at 8.56.44 AM.png


Now I genertated traffic via human browser clicks and then automated commmands that would mimic bot traffic.  I show the results in the F5 Distributed Cloud Bot Defense Overview page.

Screenshot 2023-03-20 at 9.40.52 AM.png


Screenshot 2023-03-20 at 9.42.50 AM.png


Technical Demo:


Brightboard Video




As you can see, F5 Distributed Cloud Bot Defense protected your Cloudflare hosted application from automated threats.  It allowed normal human browsing but identified and mitigated actions you specified as malicious bots.

Related Links:

Community Manager
Community Manager

Powerful solution, showing off another way that F5 Distributed Bot Defense can be deployed!

Version history
Last update:
‎28-Apr-2023 19:38
Updated by: