How to block Tor Exit Nodes requests using a template

The Bot Manager Lite and TOR Block Starter Kit template enables you to deploy a basic security suite to protect your domains from bad bots and Tor Exit Nodes requests.

This template automatically creates a new edge firewall that includes the rules to execute an edge function instance, confirm if your domains are valid, and deny requests from the pre-built “Azion IP Tor Exit Nodes” network list. All of this, working in conjunction with the Edge Functions and Network Layer Protection modules and Bot Manager Lite.

Requirements

Before deploying this template, you must:

  • Have the Edge Functions and Network Layer Protection modules enabled in your account.
    • To do so, go to the Billing & Subscriptions section and activate the switch for the module.
    • If these modules are activated, executing this template could generate usage-related costs. Check the pricing page for more information.
  • Launch the latest version of the Bot Manager Lite integration.
    • Go to Azion Marketplace to install this integration by clicking the *Install button. Check the How to install Azion Bot Manager Lite guide for more details.
    • If you didn’t install the Bot Manager Lite function before deploying this template, the execution will fail and a log explaining the reason will be printed.

Deploying the template

You can obtain and configure your template through the Azion Console. To easily deploy it at the edge, click the button below.

Deploy

Setting up the template

In the configuration form, you must provide the information to configure your application.

  • Domain ID(s): the IDs of the domains you want to protect with this template.
    • To get the IDs, you can go to the Domains page, select the one you want to use, and copy the ID in the URL. You can also get it via Azion API.
    • This field is optional. If no value is set, the new edge firewall won’t be linked to any domain. You can add it manually later.

After completing all the information, click the Deploy button, located in the bottom-right corner. This will start the deployment process.

You can follow the deployment process through a window showing off the logs. When it’s complete, the page shows information about the application and some options to continue your journey.

Now you can manage and adjust the settings through Azion Console.

Key configurations

The template verifies if the account complies with the requirements to create a function instance of the Bot Manager Lite and create a Rules Engine rule to execute the function instance. If it doesn’t comply with the requirements, the execution will fail and a log explaining the reason will be printed.

The function instance has the following JSON Args:

{
  "threshold": 10,
  "action": "allow",
  "internal_logs": 2
}

Where:

  • threshold: the maximum score the request can reach before the function takes an action. If it has no value, the function won’t take action. Default value: 10.
  • action: the action to be taken by the function whenever the request’s score is greater than or equal to the defined threshold. Possible values: allow, custom_html, deny, drop, hold_connection, random_delay, and redirect. Default value: allow.
  • internal_logs: every execution of the Bot Manager Lite writes report logs, no matter the score of the request.

You can calibrate and edit the arguments to better adjust the integration to your needs. To read more about the Bot Manager Lite variables, check the How to install Azion Bot Manager Lite and How to manage bots guides.

Viewing logs

After executing the template, the requests will generate logs that can be seen in Real-Time Events. By analyzing the logs generated by Bot Manager Lite, you can get insights to understand if any changes in the function Instance’s JSON Args are needed.

Read more on How to observe and calibrate rules.

Managing the template

All settings can be customized at any time you need through Azion Console. To manage and edit your edge application’s settings, proceed as follows:

  1. Access Azion Console > Edge Application.
  • You’ll be redirected to the Edge Application page. It lists all the edge applications you’ve created.
  1. Select the edge application related to this template.
  • The list is organized alphabetically. You can also use the search bar located in the upper-left corner of the list; currently, it filters only by Application Name.

After selecting the edge application you’ll work on, you’ll be directed to a page containing all the settings you can configure.

Adding a custom domain

The edge application created during the deployment has an assigned Azion domain to make it accessible through the browser. The domain has the following format: xxxxxxxxxx.map.azionedge.net/. However, you can add a custom domain for users to access your edge application through it.

Go to configuring a domain guide reference

Learn how to block Tor Exit Nodes requests using a template. Watch the video below:

Contributors