How to block Tor Exit Nodes requests using a template

The Bot Manager and TOR Block Starter Kit template enables you to deploy a basic security suite to protect your domains from bad bots and Tor Exit Nodes requests.

This template automatically creates a new edge firewall that includes the rules to execute an edge function instance, confirm if your domains are valid, and deny requests from the pre-built “Azion IP Tor Exit Nodes” network list. All of this, working in conjunction with the Edge Functions and Network Layer Protection modules and Bot Manager.


Before deploying this template, you must:

  • Have the Edge Functions and Network Layer Protection modules enabled in your account.
    • To do so, go to the Billing & Subscriptions section and activate the switch for the module.
    • If these modules are activated, executing this template could generate usage-related costs. Check the pricing page for more information.
  • Launch the latest version of the Bot Manager integration.
    • Go to Azion Marketplace to install this integration by clicking the *Install button. Check the How to install Azion Bot Manager guide for more details.
    • If you didn’t install the Bot Manager function before deploying this template, the execution will fail and a log explaining the reason will be printed.

To use this template, access Azion Console and click the + Create button on the homepage.

This will open a modal where you can select Templates > Bot Manager and TOR Block Starter Kit card.


In the configuration form, you must provide the information to configure your application.

  • Domain ID(s): the IDs of the domains you want to protect with this template.
    • To get the IDs, you can go to the Domains page, select the one you want to use, and copy the ID in the URL. You can also get it via Azion API.
    • This field is optional. If no value is set, the new edge firewall won’t be linked to any domain. You can add it manually later.

After completing all the information, click the Deploy button, located in the bottom-right corner. This will start the deployment process.

You can follow the deployment process through a window showing off the logs. When it’s complete, the page shows information about the application and some options to continue your journey.

Now you can manage and adjust the settings through Azion Console.

The template verifies if the account complies with the requirements to create a function instance of the Bot Manager and create a Rules Engine rule to execute the function instance. If it doesn’t comply with the requirements, the execution will fail and a log explaining the reason will be printed.

The function instance has the following JSON Args:

{
"threshold": 10,
"action": "allow",
"internal_logs": 2
}

Where:

  • threshold: the maximum score the request can reach before the function takes an action. If it has no value, the function won’t take action. Default value: 10.
  • action: the action to be taken by the function whenever the request’s score is greater than or equal to the defined threshold. Possible values: allow, custom_html, deny, drop, hold_connection, random_delay, and redirect. Default value: allow.
  • internal_logs: every execution of the Bot Manager writes report logs, no matter the score of the request.

You can calibrate and edit the arguments to better adjust the integration to your needs. To read more about the Bot Manager variables, check the How to install Azion Bot Manager and How to manage bots guides.


After executing the template, the requests will generate logs that can be seen in Real-Time Events. By analyzing the logs generated by Bot Manager, you can get insights to understand if any changes in the function Instance’s JSON Args are needed.

Read more on How to observe and calibrate rules.


All settings can be customized at any time you need through Azion Console. To manage and edit your edge application’s settings, proceed as follows:

  1. Access Azion Console > Edge Application.
  • You’ll be redirected to the Edge Application page. It lists all the edge applications you’ve created.
  1. Select the edge application related to this template.
  • The list is organized alphabetically. You can also use the search bar located in the upper-left corner of the list; currently, it filters only by Application Name.

After selecting the edge application you’ll work on, you’ll be directed to a page containing all the settings you can configure.

The edge application created during the deployment has an assigned Azion domain to make it accessible through the browser. The domain has the following format: xxxxxxxxxx.map.azionedge.net/. However, you can add a custom domain for users to access your edge application through it.

go to configuring a domain guide reference

Contributors