Skip to main content

Block Unwanted Requests Examples

With Traffic Policy, you can block unwanted requests to your endpoints. This page demonstrates a few example rules that do so.

See the following Traffic Policy action docs for more information:

Deny traffic from Tor networks

This rule uses the connection variables available in IP Intelligence to block Tor exit node IPs.

Loading…

Show agent config example

Block bots and crawlers with a robots.txt

This rule returns a custom response with a robots.txt file to deny search engine or AI crawlers on all paths.

Loading…

Show agent config example

You can extend this example to create specific rules for crawlers based on their user agent strings, like ChatGPT-User and GPTBot.

Loading…

Show agent config example

Block bots and crawlers by user agent

You can also take action on incoming requests that contain specific strings in the req.user_agent request variable.

Loading…

Show agent config example

tip

You can expand the expression to include additional user agents by extending the (chatgpt-user|gptbot) section of the regular expression.

Loading…

Deny non-GET requests

This rule denies all inbound traffic that is not a GET request.

Loading…

Show agent config example

Custom response for unauthorized requests

This rule sends a custom response with status code 401 and body Unauthorized for requests without an Authorization header.

Loading…

Show agent config example

Block traffic from specific countries

Sometimes you may need to block requests originating from one or more countries to remain compliant with data regulations or sanctions. This rule blocks requests based on the origin country using ISO country codes with the following steps:

  1. Check if the request is from an array of countries you can define
  2. If so, return a 401 status code with an error message.
Loading…

Show agent config example

Limit request sizes

This rule demonstrates how to prevent excessively large user uploads, like text or images, that might cause performance or availability issues for your upstream service with the following steps:

  1. Check if the request is POST or `PUT
  2. Check if the request's content is 1MB or larger.
  3. If both conditions are met, return a 400 status code with an error message.
Loading…

Show agent config example