FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Imperva seeing Dynatrace synthetics as a bad bot

Go to solution
bogoja_jovanosk
Participant

‎03 Mar 2023 02:08 PM - last edited on ‎06 Mar 2023 12:46 AM by Community Team

Our firm is utilizing a security tool called Imperva to protect the website against bad bots and DDoS attacks, but it is scanning our synthetics as bad bots. Has anyone come across this issue and if so what are some solutions that can be proposed?

The security team and Imperva are reluctant to white list the IP ranges of the synthetic ActiveGates.

Also, does anyone know if browser click paths have certain request attributes that Dynatrace adds when executing that we can add to the Imperva exception list?

 

0 Kudos
Reply
2 REPLIES 2

Go to solution
AntonioSousa
DynaMight Guru
DynaMight Guru

‎05 Mar 2023 01:40 AM

@bogoja_jovanosk,

I have had this issue with another solution that is not Imperva. There are two main reasons why Imperva might be signalling this, in my opinion:

  1. Dynatrace synthetic monitors run from cloud IPs [AWS,Azure, ...]. It is normal for security solutions to signal this, as there are not normally real users accessing from those IPs. Given that these are Dynatrace servers, you can white-list them without any problem. The list of IPs is available in the list of synthetic agents, so you can define a precise list.
  2. The user-agent that Dynatrace uses is not a known user-agent for browsers. You have two ways around this: configure Imperva to signal that an user agent that starts with "DynatraceSynthetic/" is good, as explained in https://www.dynatrace.com/support/help/platform-modules/digital-experience/synthetic-monitoring/http... ; or configure your synthetics to use a known browser User-agent. This is for HTTP monitors, as I believe for browser monitors the Chrome signature is used...
Antonio Sousa
Reply

Go to solution
HannahM
Dynatrace Champion
Dynatrace Champion

‎06 Mar 2023 03:51 AM

Most tools use the User Agent string to define if it's a bot or not. 

For Browser Monitors, we add RuxitSynthetic/1.0 to the User Agent string and for HTTP Monitors we add DynatraceSynthetic/{version}, so I would just add a rule for DynatraceSynthetic/ as the version will change every time you update your ActiveGates or we update the Public location versions 

Reply
Ask a question