INTRODUCTION
Feature Summary: Bot Detection helps clubs identify suspicious reservation activity that may be generated by automated software, often referred to as “bots,” rather than real users. Admins can review flagged behavior, understand why a member was identified as a potential bot, and take action directly within CourtReserve by enabling CAPTCHA for individual members or globally for all members.
Use Cases
Identify and review suspicious reservation activity
Reduce manual bot investigations and support requests
Apply CAPTCHA to specific members when needed
Enable CAPTCHA globally during peak booking periods
Monitor automated booking patterns over time
OVERVIEW
Bot Detection is designed to help clubs protect fair access to reservations by identifying patterns that indicate automated (bot-driven) booking activity. As demand for high-value courts and events increases, bots can be used to gain unfair advantages by rapidly creating reservations.
To reduce manual investigation and support requests, CourtReserve provides built-in tools that allow admins to review suspicious activity and apply CAPTCHA challenges as needed. CAPTCHA can be enabled globally for all members or applied to individual members who are flagged for suspicious behavior in the Bot Detection audit.
What is CAPTCHA?
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a security measure that requires users to complete a simple challenge to confirm they are human before completing an action.
In CourtReserve, enabling CAPTCHA means members may be prompted to complete a quick human-verification step during reservation creation. This may include selecting “I’m not a robot” or completing a simple image selection challenge, particularly if the member is flagged for suspicious activity or if CAPTCHA is enabled globally. Visual examples as follows:
Why Bot Detection Is Important for Clubs
Bot activity can negatively impact clubs by:
Blocking fair access to courts by creating excessive reservation attempts in short time periods
Increasing administrative workload to investigate suspicious behavior
With Bot Detection, clubs gain visibility into abnormal activity patterns and can proactively protect their reservation system.
SETUP
Bot Detection gives admins visibility into unusual reservation activity and flexible ways to take action:
Review activity at a high level: Use the Bot Detection Analysis log to identify members flagged for suspicious reservation patterns.
Investigate and act on individual members: Drill into a member’s Bot Detection tab to review detailed activity and enable CAPTCHA for that specific user if needed.
Apply protection globally: Enable CAPTCHA for all members to add an extra layer of security during reservation creation.
Bot Detection Analysis
A Bot Detection Analysis log is available under the Audits menu and provides a centralized view of members flagged for potential bot activity.
Members listed in this log are identified based on unusual reservation patterns, allowing admins to review the activity and determine whether the behavior appears automated or requires follow-up. To reduce false positives, members with very low overall activity are ignored by the detection system.
Important note on timing: The bot detection service runs nightly and reports on activity from the previous day—it does not display data in real time. The log will only include activity from the date this feature was released onward.
Navigate to Audits > Bot Detection:
Bot Detection Fields
Member Name: The member associated with the reservation activity. This field links directly to the member’s profile, where the Bot Detection tab can be reviewed in more detail.
Enable CAPTCHA for this member: If global CAPTCHA is not enabled, admins can enable CAPTCHA directly from this log if a member’s activity appears suspicious.
Reason for being flagged: Members appear in this log when their activity meets one or more detection thresholds, including:
High Daily Volume: More than 500 reservation attempts within a single day
Burst Detection
60 or more attempts within 1 minute
200 or more attempts within 5 minutes
Rapid Fire Activity: 20 or more attempts within 10 seconds
Multiple Actions in Less Than 1 Second: Repeated reservation attempts occurring within the same second.
Date Detected: The date the suspicious activity occurred.
Search: Allows admins to quickly find specific activity by keyword.
Export: Downloads the displayed activity data for offline review.
Member Profile - Bot Detection Tab
Each member profile now includes a Bot Detection tab that records reservation creation activity and provides a quick visual log of suspicious patterns.
High-frequency attempts, extremely fast submissions, or repeated actions in short timeframes may indicate automated (bot) behavior. To reduce false positives, members with very low overall activity are excluded from the detection system.
The Bot Detection tab displays a log of reservation creation activity for an individual member, helping admins review potentially automated behavior. Note: This log includes only reservations created through the member portal or mobile app and does not include reservations created by system users from the admin panel.
Bot Detection Fields:
CAPTCHA: When CAPTCHA is not enabled globally, admins can choose to enable or disable CAPTCHA for this specific member.
Start Date / End Date: Filters the activity log to show reservation attempts within a specific date range.
Date: The date the reservation attempt occurred.
Time: The exact time the reservation attempt was made to the millisecond, useful for identifying rapid or repeated actions.
Member: The member associated with the reservation activity.
Email: The email address tied to the member account.
Action: The type of action performed (for example, creating a reservation).
IP Address: The IP address from which the reservation attempt originated, helping identify repeated or automated access patterns.
Search: Allows admins to quickly find specific activity by keyword.
Export: Downloads the displayed activity data for offline review.
Below is an example of a member’s Bot Detection tab showing suspicious activity, where multiple reservations occur on the same day and within a very short time range:
Global CAPTCHA Setting
Instead of turning it on for individual members, clubs can choose to enable CAPTCHA for all members.
Note: Global CAPTCHA should only be enabled if it is absolutely necessary for your organization. Because it applies to all users, it can introduce added friction to the reservation experience. As a best practice, consider enabling CAPTCHA at the individual user level first before applying it globally.
To enable CAPTCHA for All Members:
Go to Settings > Member Settings > CAPTCHA.
Select Enabled. This setting applies CAPTCHA challenges to all members during reservation creation. Admins can return here to disable this global setting at any time.
Summary
Bot Detection features in CourtReserve give clubs the tools they need to identify abnormal reservation behavior, understand why a member is flagged, and take action through CAPTCHA controls. Whether applied globally or to individual members, CAPTCHA helps ensure reservations remain fair, secure, and human-driven.