Radware Bot Manager Block Page Implementation guide

Getting Started

This section walks you through the steps involved in implementing the Block page as an add-on to the ShieldSquare service.

This guide requires a complete working integration of the connectors or the REST API.

Prerequisites:

  1. Integrate Radware Bot Manager with your web application.

  2. Activate the Radware Bot Manager service in Active mode.

  3. Configure the rules from your dashboard for the Radware Bot Manager service to respond with the block response code “3”.

Implementation

  1. Make a call to the Radware Bot Manager API.

  2. Check the response code received from the API.

  3. If the response code is 3, redirect the user to the Block Page.

  4. Pseudo Code for Active Mode

    1 2 3 4 5 6 7 8 INCLUDE ShieldSquare library. INITIALIZED userId, pid to empty. INITIALIZED call type to 1. CALL shieldsquare_ValidateRequest(Arguments) IF responseCode is equal to 1 THEN Print "Allow Request". ELSEIF responseCode is equal to 3 THEN Redirect to Block page.
  5. On the block, the page makes another call to the Radware Bot Manager API by passing the call type parameter with value 4. This is to let the service know that a Block has been implemented.

  6. Sample Block Page Code 

    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 <html> <head> INITIALIZED userId, pid to empty. INITIALIZED call type to 4. CALL shieldsquare_ValidateRequest(Arguments) </head> <body> <p> class="lead">We have detected some suspicious activity from this computer, due to which we have blocked your access to this site. Please complete the form and submit to unblock your access .</p> <form id="unblockForm" method="post" action="Post this to a file which will persist these details"> <div id="first_name"> <label for="input_first_name">First Name:</label> <input type="text" id="input_first_name" name="first_name" value="" /> </div> <div id="last_name"> <label for="input_last_name">Last Name:</label> <input type="text" id="input_last_name" name="last_name" value="" /> </div> <div id="email"> <label for="input_email">E-mail:</label> <input type="text" id="input_email" name="email" value="" /> </div> <div id="city" style="display: none"> <label for="input_city">City (Leave Blank):</label> <input type="text" id="input_city" name="city" value="" /> </div> <div id="unblock"> <input id="input_unblock" name="unblock" type="submit" value="Request Unblock" /> </div> </form> </body> </html>
  7. It is recommended to add a form to collect user details so that certain users can be unblocked. The form can POST the details to a file which will persist the details.

This should be a server-side redirect.