The active mode allows you to take action against bots by sending API response codes. Based on the response code, the actions such as Challenge CAPTCHA, Block or Feed Fake Data can be implemented. Follow the quick steps given below to configure the response for different kinds of bots.

  1. Login to ShieldSquare portal from here

  2. Under Settings->Bot Management, toggle the switch from 'Monitor' to 'Active'

  3. From the list of bot traffic that are classified by ShieldSquare, select your response to either Challenge CAPTCHA/Block/Feed Fake Data

  4. Implement the Challenge CAPTCHA/Block/Feed Fake Data by following the guide here

Following are the actions that you can take against bots on your site:

Allow (Response Code : 0)

On selecting this action bot traffic is allowed to access your site/app without any action.

Challenge CAPTCHA (Response Code : 2)

A CAPTCHA challenge is shown in this case. The challenge needs to be resolved in order to access the page on your site.

Block (Response Code : 3)

The bot is shown a block page. It is disallowed entry into the site.

Feed Fake Data (Response Code : 4)

A dummy page of the site is shown to the bot which has fake data. This is used to mislead the bot into getting false data. 

Throttle  (Response Code: 6)

Slows down the loading time of a page request. A configurable sleep time can be provided for this response. Ensure enough resource is allocated at your end for handling this response.

Drop (Response Code: 7)

Similar to the block page, a drop page will display a page to the end user without any valid feedback option to contact/notify. 

Session Termination (Response Code: 8) 

Using this response, you can forcefully choose to end the session of a bad user.

Redirect Loop (Response Code: 9) 

Bots get looped in a cycle of redirection ending up with a drop page. If you don't opt for 'ShieldSquare Serving' page, we recommend to allocate enough resource for your hosted CAPTCHA/Block page to handled this response. 

Log Only (Response Code: 10)

You can use this response just to monitor bots without taking any action. This response can be used to monitor in your SIEM visualization. 

Custom Response (Response Code: 11) 

Using this response you can choose to take a specific action against bad bots depending on your business needs


Please write to for any clarifications.


  • For Feed Fake Data,Throttle, Session Termination, Self-hosted Redirect Loop, Custom response the business logic has to be implemented from your end.
  • Please write to to check if your connector integration supports these responses.
  • For any further clarifications, write to