Product Documentation
ADC
14.1-Current Release 13.1 12.1
View PDF

Bot signature auto update

April 30, 2025
Contributed by: 
C S

The Bot signature auto update functionality enables you to get the latest signatures that provide better protection and traffic management from both good and bad bots.

The signatures are auto updated on an hourly basis thereby, eliminating the need to constantly check for the availability of the most recent update. If you have enabled the Signature Auto Update functionality, NetScaler connects to the server hosting the signatures to check if a newer version is available.

The latest bot signatures hosted on the Amazon cloud are configured as the default Signature URL to check for the latest update. For the auto update feature to work, you must also configure the DNS server to access the external site.

Update signatures

All the user defined signature objects that are created using the bot default signature object have a version greater than zero. If you enable Signature Auto Update, all signatures are updated automatically. You can update the default action for bot signatures either by selecting a signature or a group of signatures using the search functionality on the NetScaler bot management GUI.

Notes:

Signatures are updated every one hour. For details regarding a specific signature, refer to its associated alert article.

Bot signature update URL: https://nsbotsignatures.s3.amazonaws.com/BotSignatureMapping.json

Configure the signature auto update

To enable the Signature Auto Update feature, you must run the following command:

At the command prompt, type:

set bot settings SignatureAutoUpdate ON
<!--NeedCopy-->

Update the signature manually

To manually update a zero version signature or any other user-defined signature, you must first get the latest update for the default signatures and then use this for updating the target user-defined signature. Ensure your NetScaler can connect to the local server.

  1. Download bot signature files to a local server.
  2. From the NetScaler GUI, update the Signature Auto Update URL in the Configure NetScaler Bot Management Settings page to point to the local server hosting the bot signature files.

Update a signature file using the CLI

Run the following commands from the CLI :

```
update appfw signatures "*Default Signatures"
update appfw signatures Cenzic –mergedefault
<!--NeedCopy--> ``` Where Cenzic is the name of the signature file.

Notes:

Default Signatures is case sensitive.

Update the signature file using the GUI

Ensure that the client machine accessing the NetScaler GUI has internet connectivity. Also, the client machine must be able to connect to the SNIP of the NetScaler, where it pushes the signature files for the update.

Perform the following steps:

  1. Navigate to Security > NetScaler Bot Management > NetScaler Bot Management Signatures.

  2. Click Update Version.

Import default signatures without internet access

It is recommended to configure a proxy server to point to the Amazon (AWS) server to get the latest updates. However, if NetScaler does not have an internet connection to the external sites, then the user can store the updated BOT signature files on a local server. NetScaler can then download the signatures from the local server. In this scenario, the user must constantly check the Amazon site to get the latest updates. You can download and verify the signature file against the corresponding sha1 file which was created by using the Citrix public key to protect against tampering.

To copy the Signature files to a local server, complete the following procedure:

  1. Create a local directory such as <MySignatures> on a local server.
  2. Open the AWS site.

  3. Copy the BotSignaturesMapping.json file file to the <MySignatures> folder.

    If you open the BotSignaturesMapping.json file file, you can see all the json files for signatures and their corresponding digest files for different supported versions. One such pair is highlighted the following image. Sample Pair

  4. Create a subdirectory <botsigs> in the <MySignatures> folder.

  5. Copy all pairs of the files listed in the <file> attribute and the digest files listed in the corresponding digest attribute of the BotSignaturesMapping.json file to the <botsigs> folder. The following are a few sample files that is copied to the <botsigs> folder:

    https://nsbotsignatures.s3.amazonaws.com/BotSignatureMapping.json
https://nsbotsignatures.s3.amazonaws.com/botsigs/sig-r14.1b0v17s2
https://nsbotsignatures.s3.amazonaws.com/botsigs/sig-r14.1b0v17s2.digest
   <!--NeedCopy-->
  6. Change the auto update URL in the Bot settings in NetScaler to https://<local server>/MySignatures/BotSignatureMapping.json

Note:

You can give any name to the <BOTMySignatures> folder and it can be in any location but the subdirectory <botsigs> must be a subdirectory in the <MySignatures> folder where the mapping file is copied. In addition, ensure that as shown in the BotSignaturesMapping.json, the subdirectory name <botsigs> must have the exact name and is case sensitive. All Signature files and their corresponding sha1 files should be copied under this <botsigs> directory.

Bot signature auto update
April 30, 2025
Contributed by: 
C S
April 30, 2025
Contributed by: 
C S

In this article

Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.