Overview
Attackers use bots to scan a web application's front end for vulnerabilities that can give them access to, or control over, the application.
StackPath Bot Shield detects and blocks unauthorized vulnerability scans before they reach your application. Denying an attacker the ability to map your site removes the reconnaissance step that malicious activity is planned on. In short, this feature makes an attack much more difficult to carry out.
The StackPath bot mitigation solution uses the following methods to keep bad actors away from your application:
- User-Agent detection
  - Requests with a missing or known-bad User-Agent are blocked.
- Traffic sources
  - Requests from hosting providers, Tor exit nodes, proxies, or VPN networks must pass a JavaScript challenge.
- Behavioral analysis
  - Requests showing unusual user behavior are challenged or blocked.
- Headless browsers and JavaScript automation frameworks
  - Requests from headless browsers are tagged and must pass a JavaScript challenge.
View and Enable Current Bots
You can use these instructions to view a list of currently accepted bots.
By default, StackPath will block any bot that is not listed in the portal.
- In the StackPath Control Portal, in the left-side navigation, click Sites.
- Locate and select the desired site.
- In the left-side navigation, click WAF.
- Navigate to Allow Known Bots, and then expand the section.
- Review the list of accepted bots.
To request an additional bot, contact hi@stackpath.com with information regarding the desired bot.
Enable the 'Let's Encrypt' Bot Rule
You can use these instructions to learn how to add Let's Encrypt to the StackPath WAF.
Let's Encrypt is a free, automated, and open certificate authority that issues TLS (SSL) certificates for your servers.
These instructions enable the rule that lets the Let's Encrypt validation bot reach your site, so that the checks it performs when a certificate is created or renewed succeed instead of being challenged or blocked.
- In the StackPath Control Portal, in the left-side navigation, click Sites.
- Locate and select the desired site.
- In the left-side navigation, click WAF.
- Navigate to Allow Known Bots, and then expand the section.
- Locate Let's Encrypt, and then use the slider to activate the feature.
To confirm that the rule works, run the certificate issuance or renewal from the command line and check its output.
If a renewal is successful, the following text will display:
If a renewal is not successful, the following text will display:
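The following added example models the layered policy listed in the overview (User-Agent detection, traffic sources, behavioral analysis, headless detection) together with the Allow Known Bots list, and uses it to show why the Let's Encrypt rule must be enabled for a renewal to succeed: the validator fetches the challenge from hosting IP space without a browser, so with the rule off it is sent a JavaScript challenge it cannot solve. This is illustrative code written for this page, not StackPath's implementation; the rule order, thresholds, User-Agent markers, the Let's Encrypt User-Agent string, and the sample requests are all assumptions.

```python
"""Toy model of a layered bot-mitigation policy, used to show why the
Let's Encrypt rule has to be enabled for ACME validation to succeed.

Added example, not StackPath code: rule order, thresholds, User-Agent
markers and sample requests are assumptions made for illustration.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Optional, Set, Tuple


class Verdict(Enum):
    ALLOW = "allow"
    CHALLENGE = "challenge"  # request must pass a JavaScript challenge
    BLOCK = "block"


@dataclass
class Request:
    """Request metadata as the edge would see it (constructed for the example)."""
    user_agent: Optional[str]
    source: str = "residential"  # residential | hosting | tor | proxy | vpn
    headless: bool = False        # automation-framework fingerprint present
    requests_per_minute: int = 10
    path: str = "/"


# Assumed lists; a real deployment maintains these as vendor intelligence.
KNOWN_BAD_UA_MARKERS = ("sqlmap", "nikto", "masscan")
KNOWN_BOTS = {  # portal name -> User-Agent marker (assumed)
    "googlebot": "Googlebot",
    "letsencrypt": "Let's Encrypt validation server",
}
CHALLENGED_SOURCES = {"hosting", "tor", "proxy", "vpn"}
RATE_CHALLENGE = 120  # requests per minute, assumed
RATE_BLOCK = 600


def evaluate(req: Request, enabled_bots: Set[str]) -> Tuple[Verdict, str]:
    """Apply the allow list, then the four detection methods; return verdict and reason."""
    ua = req.user_agent or ""
    # Allow Known Bots: an enabled bot bypasses the generic rules. A bot whose
    # slider is off is ordinary traffic and must survive them like any client.
    for name, marker in KNOWN_BOTS.items():
        if marker in ua and name in enabled_bots:
            return Verdict.ALLOW, f"known bot '{name}' enabled"
    # User-Agent detection: missing or known-bad User-Agents are blocked.
    if not ua:
        return Verdict.BLOCK, "missing User-Agent"
    if any(bad in ua.lower() for bad in KNOWN_BAD_UA_MARKERS):
        return Verdict.BLOCK, "known-bad User-Agent"
    # Behavioral analysis: unusual request rates are challenged or blocked.
    if req.requests_per_minute >= RATE_BLOCK:
        return Verdict.BLOCK, "abusive request rate"
    if req.requests_per_minute >= RATE_CHALLENGE:
        return Verdict.CHALLENGE, "unusual request rate"
    # Headless browsers / automation frameworks are tagged and challenged.
    if req.headless:
        return Verdict.CHALLENGE, "headless browser"
    # Traffic source: hosting, Tor, proxy and VPN clients must pass a JS challenge.
    if req.source in CHALLENGED_SOURCES:
        return Verdict.CHALLENGE, f"source '{req.source}'"
    return Verdict.ALLOW, "no rule matched"


# User-Agent of the Let's Encrypt HTTP-01 validator (assumed for the example).
LETSENCRYPT_UA = ("Mozilla/5.0 (compatible; Let's Encrypt validation server; "
                  "+https://www.letsencrypt.org)")


def acme_validation_request(token: str = "constructed-token") -> Request:
    """The HTTP-01 validation fetch: a CA-operated host with no browser and no JS."""
    return Request(user_agent=LETSENCRYPT_UA, source="hosting",
                   path=f"/.well-known/acme-challenge/{token}")


def renewal_would_succeed(enabled_bots: Set[str]) -> bool:
    """A validator cannot solve a JavaScript challenge, so only ALLOW lets renewal pass."""
    verdict, _ = evaluate(acme_validation_request(), enabled_bots)
    return verdict is Verdict.ALLOW


if __name__ == "__main__":
    for bots in (set(), {"letsencrypt"}):
        verdict, why = evaluate(acme_validation_request(), bots)
        print(f"enabled={sorted(bots)!r:<18} -> {verdict.value:<9} ({why})")
```

Run as a script, the block prints one line per configuration: with the allow list empty the validation fetch gets a JavaScript challenge because of its hosting source, and with `letsencrypt` enabled it is allowed through. The allow list is evaluated first on purpose; if it were checked after the traffic-source rule, a legitimate crawler coming from cloud IP space would never reach it.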
Troubleshoot Bots
If a known crawler or bot is not working, or the WAF is blocking you, you can perform the following troubleshooting actions:
Action | Steps |
--- | --- |
Verify that the bot is on the Allow Known Bots list in the portal. | In the StackPath Control Portal, click Sites, select the desired site, click WAF, expand Allow Known Bots, and confirm that the slider for the bot is switched on. |
Review the security event. | If the bot is enabled, review the security event that blocked it. When a bot is blocked, it is presented with a security screen that displays a reference ID. Use this reference ID to search for the security event in the portal. |