Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Sign up to create a Radware Bot Manager account (if you do not already have one).

How does it work? 

...

  • Radware Bot Manager connector built using Lambda function should be integrated at 'Viewer response' point

  • Radware Bot Manager connector to post data asynchronously to Radware Bot Manager endpoint

  • Radware Bot Manager bot engine analyzes the data received from the AWS Cloudfront Lambda

  • Radware Bot Manager bot engine updates the Bot IP Feed with bad signatures

  • Using AWS Web ACL, bad IP addresses can be blacklisted at the AWS CloudFront

Instructions

Follow these instructions to integrate the Radware Bot Manager connector.

  1. Go to https://console.aws.amazon.com/lambda/home?region=us-east-1#/ and select 'US East (N.Virginia) as the region in the top menu.

  2. Click on 'Create Function' to create the Radware Bot Manager Lambda function. 

...

  1. Image Added
  2. Select 'Author From Scratch' and type a name for the function (recommended: "RadwareLambda"). Set RunTime to - Nodejs 10.x

  3. Click on “Choose or create an execution role” and select “Create a new role from AWS policy templates”.

    1. Give role name e.g. "myRole".

    2. For policy templates select “Basic Lambda@Edge permission (for CloudFront Trigger)”.

  4. Click on 'Create Function' and wait for the successful creation message.

...

  1. Image Added
  2. Scroll down and go to the Function code section.

    1. Select 'Upload a .ZIP file' under Code entry type and upload the shared ss2.zip kit using the "upload from a zip file" option.

    2. Rename the Handler from 'index.handler' to "ss2.validateRequest". 

    3. Click on 'Save' at the top right corner and you will get the Radware lambda function uploaded successfully. 

...

    1. Image Added


  1. Scroll down and update the '_sid' value with your subscriber production ID in ss2.js file and 'Save' the file. Select 'Actions' and click on 'Publish new version' to publish Radware CloudFront integration.

...

  1. Image Added

...

  1. Note: You can test the function before deploying it to CloudFront by selecting the test event 'Amazon CloudFront Simple Remote Call' in Select a test event dropdown.

  2. Scroll down to the "Designer Add Trigger" section and select "CloudFront".

    1. Select 'Distribution name' and scroll further to select 'Viewer Request' under the CloudFront event.

    2. Check 'Enable trigger and replicate' and click on "Add".

    3. Click on 'Save' to save your Radware lambda function.
      Note: Ensure you select 'Viewer Request' as Event type while editing the behavior of CloudFront.

  3. Click on 'Create Function' to create another Lambda function and Follow steps 3 and 4.

  4. Replace index.js file code with the below code

Code Block
languagejs
exports.validateRequest = function(event, context, callback) {
     
    const incomingReq = event.Records[0].cf.request;
    const ss_response = event.Records[0].cf.response;
    try {
        if(incomingReq.headers['ss-set-cookie'] !== undefined) {
            if( ss_response.headers['set-cookie'] === undefined) {
                ss_response.headers['set-cookie'] = []
            }
            ss_response.headers["set-cookie"].push(
                { "key": "Set-Cookie", "value": incomingReq.headers['ss-set-cookie'][0].value },
                { "key": "Set-Cookie", "value": incomingReq.headers['ss-set-cookie'][1].value },
                { "key": "Set-Cookie", "value": incomingReq.headers['ss-set-cookie'][2].value },
                { "key": "Set-Cookie", "value": incomingReq.headers['ss-set-cookie'][3].value }
            )
        }
    }catch(err){
        console.log("[ShieldSquare]: Cannot set cookie because ss-set-cookie not found." );
        console.log("[ShieldSquare]: " + err);
    }
    callback(null, ss_response);
}
  • Rename the Handler from 'index.handler' to "index.validateRequest"

  • Click on 'Save' at the top right corner and you will get the Radware lambda function uploaded successfully.

11. Scroll down to "Designer Add Trigger" and select "CloudFront".

  • Select 'Distribution name' and scroll further to select 'Viewer Response' under the CloudFront event.

  • Check 'Enable trigger and replicate' and click on "Add".

  • Click on 'Save' to save your Radware Bot Manager lambda function. 

Info

Write to  botmanager_support@radware.com for clarifications.