Using advanced client-side detections
Last updated 2025-03-05
The advanced client-side detections feature allows you to detect sophisticated bots that leverage headless browsers such as headless Chrome. You can enable this feature by adding a lightweight JavaScript snippet to your website's HTML.
Once enabled, this feature feeds detections into the SUSPECTED-BOT.HEADLESS, SUSPECTED-BAD-BOT.HEADLESS, and CLIENTSIDE-COOKIE-VALID system signals. To identify that a browser has run the JavaScript, the _fs_cd_cp_<RANDOM STRING> cookie is issued from the customer domain.
Prerequisites
To use advanced client-side detections, you will need:
- the Bot Management product at either the Professional or Premier platform level (it is not available for the Essential platform)
- to enable Registration Attempt or Login Attempt templated rules
Enabling advanced client-side detections
To enable advanced client-side detections for your website, add the following line within the <head> section of your HTML:
<script src="/_fs-ch-1T1wmsGaOgGaSxcX/assets/script.js"></script>Ideally, this line will be placed above all other scripts in your HTML.
NOTE
You can change the name of the script from script.js to another name of your choosing. The script name must end in .js.
Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
