Link11 WAAP
v5
v5
  • Link11 WAAP Documentation
  • Release Notes
  • Known Issues
  • User Guide
    • Introduction to Link11 WAAP
  • How Link11 WAAP Works
    • Traffic Filtering Process
    • Traffic Reporting and Analytics
    • Policy Mapping and Traffic Routing
    • Tagging
    • UI Overview and Common Elements
  • Console UI Walkthrough
    • Analytics
      • Dashboard
      • Events Log
    • Security
      • Global Filters
      • Flow Control Policies
      • Security Policies
      • Rate Limit Rules
      • ACL Profiles
      • Actions
      • Dynamic Rules
      • Quarantined
      • Content Filter
        • Content Filter Profiles
        • Content Filter Rules
    • Sites
      • Server Groups
      • Proxy Templates
      • Mobile Application Groups
      • Backend Services
      • Edge Functions
      • DNS Records
      • SSL
        • Load Balancers
        • Certificates
    • System
      • Interactive Challenge
      • SSO Configuration
      • Purge CDN Cache
      • Users Management
      • Security Alerts
      • Log Exporters
      • Version Control
      • System DB
      • Publish Changes
    • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Authenticate mobile app users
      • Ban, unban, and allowlist traffic sources
      • Bypass Link11 WAAP for loadtesting or other purposes
      • Configure a new path/section of a site
      • Control caching behavior
      • Enable GraphQL traffic
      • Enable mTLS (mutual TLS)
      • Protect sensitive information in logs and analytics
      • Quickly block an attacker
      • Redirect or block HTTP traffic
      • Run custom code
      • Set rate limits and exemptions
      • Stream event data to a SIEM solution or other destination
    • The Link11 WAAP API
      • Overview
      • Internal data structures
      • Using Swagger UI
      • Using curl
  • Reference Information
    • Acronyms
    • API
      • API access to traffic data
      • Types of namespaces
      • Namespace reference
        • ACL Profiles
        • Actions
        • Backend Services
        • Certificates
        • Configs
        • Content Filter Profiles
        • Content Filter Rules
        • Data queries
        • Dynamic Rules
        • Edge Functions
        • Flow Control Policies
        • Global Filters
        • Load Balancers
        • Log Exporters
        • Mobile Application Groups
        • Planets
        • Proxy Templates
        • Rate Limit Rules
        • Security Alerts
        • Security Policies
        • Server Groups
        • Tags
        • Tools
        • Users
    • Hostile Bot Detection / LWCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Log Exporter Output
    • Pattern Matching Syntax
    • Query Filter Syntax and Best Practices
  • Support
Powered by GitBook
On this page
  • Overview
  • Usage within applications
  • Parameters
  • Direction
  • Style
  • Palette
  • Languages
  • Testing an Interactive Challenge

Was this helpful?

Export as PDF
  1. Console UI Walkthrough
  2. System

Interactive Challenge

PreviousSystemNextSSO Configuration

Last updated 1 month ago

Was this helpful?

Overview

Link11 WAAP contains several mechanisms for detecting bots within web traffic, including and .

This page allows admins to configure the third mechanism: the L11WAAP Interactive Challenge, which is a form of CAPTCHA ("Completely Automated Public Turing test to tell Computers and Humans Apart").

The Interactive Challenge is more stringent than the other mechanisms. Therefore, when an Interactive Challenge is triggered, the user must pass it before being allowed to continue, even if the user had previously passed an Active Challenge or Passive Challenge.

Usage within applications

Admins should ensure that rulesets which can trigger Interactive Challenges are not applied to API endpoints. Interactive Challenges require user interaction, and therefore, API clients cannot pass them.

Parameters

The parameters described below will determine how the Interactive Challenge page is displayed to the user.

Direction

The direction of the text displayed to the user. For example, English should be set to Left to right, while for Hebrew, this should be set to Right to left.

Style

This specifies how to display the image configured in the Image/IMG settings within the Languages section. When set to Logo, the image will be shown on the page once. When set to Wallpaper, the image will be tiled to fill the page.

Palette

The colors used in the challenge.

Languages

Admins can configure Interactive Challenges in different languages. A default L11WAAP deployment will contain English; to add additional languages for configuration, select New language. (This appears below the Languages section; you can collapse the section to make it more accessible.)

Each configured language will include the options below.

Title

The title that will be shown on the page.

Buttons text

During the Interactive Challenge, two buttons are shown to the user. The top field specifies the text for the first button that appears, and the bottom field specifies the text for the second button.

Image Element Source

This is the source for the image that will be shown on the Interactive Challenge page. It will be shown according to the Style setting.

IMG Element Preview

This displays a preview of the image specified in the Image Element Source.

Testing an Interactive Challenge

The Interactive Challenge defined on this page can be used at various places within a web application. Create one or more with the Type parameter set to Interactive Challenge, and then use the Action(s) within the appropriate security rulesets (within , , , and ).

To see how an interactive challenge will appear to a user, you can select it as the Action for a dedicated : one with a Rule list that will only match a test request (e.g., a specific IP that you will use to test the challange).

Actions
Global Filters
Rate Limit Rules
ACL Profiles
Content Filter Profiles
Global Filter
Passive Challenges
Active Challenges