Gcore WAAP performs various checks to determine whether a valid user is behind each request to your domain, and not automated traffic. As part of its security checks, WAAP adds a JavaScript challenge (code) to the response. This challenge helps thee system identify if a user is automated or not. This JavaScript injection mechanism helps WAAP get the following information:
  • Client fingerprint. Information collected from the user’s device, which identifies the number and type of various components that were installed on the client.
  • Browser-type signature. A signature that distinctly characterizes a browser type and its version.
  • GUI interactions. Information about the client interaction with the application’s GUI.
This information helps us more accurately detect and block malicious traffic from reaching your domain.

How it works

JavaScript injection is added after the opening <body> tag. The injection has a minimal effect on the page size and almost no effect on page loading time. Once the code is injected, WAAP’s analysis engine get client information as follows:
  • Via cookies. On each session, the injected code generates cookies and fills them with data. These cookies are then sent to WAAP for analysis.
  • Via /sbbi/. Details about the client will be sent to our analysis engine via a specific URL that starts with {domain-address}/sbbi/ . For example, if your domain address is https://www.website.com, the requests will be made to the following URL: https://www.website.com/sbbi/. These requests are not forwarded to the origin backend and are not recorded in logs.