Skip to content

How to Bot Protection on TR7?

About

What is Bot Protection?

There are 11 different types of bots on TR7 ASP. In requests to the vService, the User-Agent header is checked, and if it matches one of the selected Bot Types, the corresponding action is triggered. On TR7 ASP, these categories are divided as follows:

  • Malicious Bots
  • Development Tools (wget, curl, Postman vs.)
  • Search Engines (Googlebot, Yahoo, bingbot vs.)
  • Social Media (facebookplatform, LinkedInBot vs.)
  • Crawler (Google Search Console vs.)
  • Monitoring (CloudflareDiagnostics, Datadog Agent vs.)
  • Service (SkypeUriPreview, YahooMailProxy, Grammarly vs.)
  • Benchmark (ApacheBench vs.)
  • Security Checker (Nmap Scripting Engine, sqlmap/, TLSProbe vs.)
  • Feed (FeedBurner, FreshRSS vs.)
  • Other

Interface

Bot Protection

Step > 1

First, to define the Bot Protection condition, follow the steps: "Traffic Manager > Traffic Manipulation > Conditions > Add." In the opened screen, select "Bot Type" as the criterion and choose the desired bot types from the list. TR7 performs bot control across 11 different categories, including Malicious Bots, Development Tools, Search Engines, Social Media, Crawlers, Monitoring, Service, Benchmark, Security Checker, Feed, and Others.

Click the "Add" button to create the condition.

LOGO

Step > 2

Next, determine what Action to take when the User-Agent Header matches the selected bot types in requests to the vService.

"Traffic Manager > Traffic Manipulation > Actions > Add." You can choose various action types like Block, Show Content, Location Redirect, etc. Select "Block" then choose the created bot condition from the Conditions tab, and click the "Add" button. This way, requests from the specified bots will be blocked with a 403 status code, preventing them from reaching the backend server.

LOGO

Step > 3

To apply the created action to the vService where bot protection will be active, open the editing screen for the relevant vService.

Activate "Details > Actions" select the created bot protection action, and click the "Save" button to apply the changes.

LOGO

Control

Postman and Browser

To test the action, make a request to the relevant vService's IP:Port using the Postman application, which falls under the Development Tools category. As specified in the action, you will see that the request is blocked with a 403 status code. When a request is made from a browser, it will successfully access the application server behind the vService.

LOGO
LOGO