Help Center

  1. StackPath Help
  2. WAF
  3. Troubleshooting Tips

Enabling and Troubleshooting Bot Protection

Avatar
Robert T
Updated:

Overview

Hackers use bots to scan a web application's front end environment to exploit vulnerabilities for access and control.

The Stackpath Bot Shield detects, prevents, and blocks unauthorized vulnerability scans from reaching your application directly. This feature denies hackers the ability to map your site and plan malicious activities. In short, this feature makes an attack more much difficult for a hacker.

The StackPath bot mitigation solution uses the following methods to prevent bad actors from accessing your application:

  • User-Agent detection
    • Requests with invalid (known to be bad) or missing User-Agents will be blocked.
  • Traffic sources
    • Requests from hosting services, Tor exit nodes, proxy, or VPN networks will be required to pass a JavaScript challenge.
  • Behavioral analysis
    • Requests with unusual user behavior will be challenged or blocked.
  • Headless browsers/JavaScript automation frameworks:
    • Requests from headless browsers will be tagged and will have to pass a JavaScript challenge.

View and Enable Current Bots

You can use these instructions to view a list of currently accepted bots.

By default, StackPath will block any bot that is not listed in the portal. 

  1. In the StackPath Control Portal, in the left-side navigation, click Sites.
  2. Locate and select the desired site.
  3. In the left-side navigation, click WAF.
  4. Navigate to Allow Known Bots, and then expand the section.
  5. Review the list of accepted bots.

To request an additional bot, contact hi@stackpath.com with information regarding the desired bot.

Enable the 'Let's Encrypt' Bot Rule

You can use these instructions to learn how to add Let's Encrypt to the StackPath WAF.

Let's Encrypt is a free, automated, and open certificate authority that can be used to provide server-side SSL certificates.

With these instructions, you will enable the rule that allows the Let's Encrypt bot to validate requests to create or renew SSL certificates. 

  1. In the StackPath Control Portal, in the left-side navigation, click Sites
  2. Locate and select the desired site.
  3. In the left-side navigation, click WAF.
  4. Navigate to Allow Known Bots, and then expand the section.
  5. Locate Let's Encrypt, and then use the slider to activate the feature.

To confirm that the rule works, use the command line interface to see the outcome of a certificate. 

If a renewal is successful, the following text will display: Lets_Encrypt_Success.png

If a renewal is not successful, the following text will display: 

Lets_Encrypt_Fail.png
Lets_Encrypt_Fail_2.png

Troubleshoot Bots

If you notice that a known crawler or bot is not working or is blocking you, you can perform the following troubleshooting actions: 

Action Steps
Verify that the bot is whitelisted in the portal.
  1. In the StackPath Control Portal, in the left-side navigation, click Sites
  2. Locate and select the desired site. 
  3. In the left-side navigation, click WAF
  4. Expand Allow Known Bots, and then verify if the desired bot is enabled.

If the bot is enabled, then you can review the security event.

When a bot blocks you, you are presented with a security screen. This screen displays a reference ID. You can use this reference ID to search for the security event in the portal.

  • If you do not have a reference ID, then you can open each security event until you find a user agent that matches the bot.
  1. In the StackPath Control Portal, in the left-side navigation, click Sites.
  2. Locate and select your desired site.
  3. In the left-side navigation, click Analytics.
  4. Select the WAF tab.
  5. Under Requests, enter the Reference ID for the request.
    • This action will display all requests with matching Reference IDs. You can use this information to find possible patterns in the requests.
    • If you do not have a reference ID, then you can open each security event until you find a user agent that matches the bot.
  6. Select a request to view details, including:
    • Rule Name displays the name of the rule that was triggered for the specific security request.
    • Action Taken displays the WAF action that was taken against the request (Blocked or Passed).
    • HTTP method, client IP, country of origin, user agent, and more.
  7. Based on this information, determine why the bot was blocked or presented with a security screen.
    • Based on the information in the request, you can create a custom rule to allow the bot. To learn more, see  WAF Rules.
Was this article helpful?

Related articles

Not finding what you need?

95% of questions can be answered using the search tool. This is the quickest way to get a response.

Contact Us