{"id":1556,"date":"2020-06-07T22:03:40","date_gmt":"2020-06-07T14:03:40","guid":{"rendered":"https:\/\/www.wesbytes.com\/guide\/?post_type=kb&p=1556"},"modified":"2026-01-12T14:35:10","modified_gmt":"2026-01-12T06:35:10","slug":"what-are-the-types-of-threat","status":"publish","type":"kb","link":"https:\/\/www.servergigabit.com\/guide\/kb\/what-are-the-types-of-threat","title":{"rendered":"What are the types of Threat?"},"content":{"rendered":"

What are the types of Threat?<\/strong><\/h3>\n

Cloudflare<\/a> classifies the threats that it blocks or challenges. To help you understand more about your site\u2019s traffic, the \u201cType of Threats Mitigated\u201d metric on the analytics page measures threats blocked or challenged by the following categories:<\/p>\n

\n
Bad browser:<\/strong><\/h6>\n<\/div>\n


\n<\/strong>The source of the request was not legitimate or the request itself was malicious. Users would see a\u00a01010 error page\u00a0in their browser.<\/p>\n

Cloudflare\u2019s Browser Integrity Check looks for common HTTP headers abused most commonly by spammers and denies them access to your page. It will also challenge visitors that do not have a user agent or a non standard user agent (also commonly used by bots, crawlers, or visitors).<\/p>\n

Learn more about the Browser Integrity Check here.<\/p>\n

\n
Blocked hotlink<\/strong>:<\/h6>\n<\/div>\n

\u201cHotlink Protection\u201d ensures that other sites cannot use your bandwidth by building pages that link to images hosted on your origin server. This feature can be turned on and off by Cloudflare\u2019s customers.<\/p>\n

Learn more about Hotlink Protection here.<\/p>\n

\n
Human challenged<\/strong>:<\/h6>\n<\/div>\n

Visitors were presented with a CAPTCHA challenge page and failed to pass.<\/p>\n

Note: A CAPTCHA page is a difficult to read word or set of numbers that only a human can translate. If entered incorrectly, the request is blocked.<\/em><\/p>\n

\n
Browser challenge<\/strong>:<\/h6>\n<\/div>\n

A bot gave an invalid answer to the JavaScript challenge (in most cases this won\u2019t happen, bots typically do not respond to the challenge at all, so \u201cfailed\u201d JavaScript challenges would not get logged).<\/p>\n

Note: During a JavaScript challenge you will be show<\/em>n an interstitial page for about five seconds while Cloudflare performs a series of mathematical challenges to make sure it is a legitimate human visitor.<\/em><\/p>\n

\n
Bad IP:<\/strong><\/h6>\n<\/div>\n


\n<\/strong>A request that came from an IP address that is not trusted by Cloudflare based on the Threat Score.<\/p>\n

Cloudflare uses Threat Scores gathered from sources such as Project Honeypot, as well as our own communities\u2019 traffic to determine whether a visitor is legitimate or malicious. When a legitimate visitor passes a challenge, that helps offset the Threat Score against the previous negative behavior seen from that IP address. Our system learns who is a threat from this activity. Site owners may override the Threat Score at any time using Cloudflare\u2019s security settings.<\/p>\n

\n
Country block<\/strong>:<\/h6>\n<\/div>\n

Requests from countries that were blocked based on the user configuration set within the Firewall app.<\/p>\n

Learn more about blocking countries using the Firewall app here.<\/p>\n

\n
IP block (user)<\/strong>:<\/h6>\n<\/div>\n

Requests from specific IP addresses that were blocked based on the user configuration set within the Firewall app.<\/p>\n

Learn more about blocking IPs using the Firewall app here.<\/p>\n

\n
IP range block (\/16)<\/strong>:<\/h6>\n<\/div>\n

A \/16 IP range that was blocked based on the user configuration set within the Firewall app.<\/p>\n

Learn more about blocking IPs using the Firewall app here.<\/p>\n

\n
IP range block (\/24)<\/strong>:<\/h6>\n<\/div>\n

A \/24 IP range that was blocked based on the user configuration set within the Firewall app.<\/p>\n

Learn more about blocking IPs using the Firewall app here.<\/p>\n

\n
New CAPTCHA (user):<\/strong><\/h6>\n<\/div>\n


\n<\/strong>Challenge based on user configurations set for visitor\u2019s IP in either the WAF or the Firewall app.<\/p>\n

Learn more about challenging visitors using the WAF here.<\/p>\n

\n
Captcha error<\/strong>:<\/h6>\n<\/div>\n

Requests made by a bot that failed to pass the challenge.<\/p>\n

Note: A CAPTCHA page is a difficult to read word or set of numbers that only a human can translate. If entered incorrectly, the request is blocked.<\/em><\/p>\n

\n
Bot Request:<\/strong><\/h6>\n<\/div>\n


\n<\/strong>Request that came from a bot.<\/p>\n

Unclassified:<\/strong>
\nUnclassified threats comprises a number of automatic blocks that are not related to the Browser Integrity Challenge (Bad Browser).\u00a0These threats usually relate to Hotlink Protection, and other actions that happen on the edge based on the composition of the request (and not its content).<\/p>\n

However , Unclassified means a number of conditions under which we group common threats related to Hotlink protection as well as certain cases of IP reputation and specific requests that are blocked at the Cloudflare edge before reaching your servers.<\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

What are the types of Threat? Cloudflare classifies the threats that it blocks or challenges. To help you understand more about your site\u2019s traffic, the \u201cType of Threats Mitigated\u201d metric on the analytics page measures threats blocked or challenged by the following categories: Bad browser: The source of the request was not legitimate or the request itself was malicious. Users…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"kbtopic":[43],"kbtag":[1434],"class_list":["post-1556","kb","type-kb","status-publish","hentry","kbtopic-cloudflare","kbtag-threat"],"_links":{"self":[{"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/kb\/1556","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/kb"}],"about":[{"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/types\/kb"}],"author":[{"embeddable":true,"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/comments?post=1556"}],"version-history":[{"count":4,"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/kb\/1556\/revisions"}],"predecessor-version":[{"id":6070,"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/kb\/1556\/revisions\/6070"}],"wp:attachment":[{"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/media?parent=1556"}],"wp:term":[{"taxonomy":"kbtopic","embeddable":true,"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/kbtopic?post=1556"},{"taxonomy":"kbtag","embeddable":true,"href":"https:\/\/www.servergigabit.com\/guide\/wp-json\/wp\/v2\/kbtag?post=1556"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}