Guides

Example: Determining if an IP is a Bot, TOR, or VPN

You can create a Workflow to determine whether an incoming IP address is a known bot, TOR node, or VPN. Select an outcome that is right for your environment, such as DENY or prompt for MFA.

  1. Click (+) on the Workflows page.

  2. Enter a name and optional description for the Workflow, and set the Default Action to DENY.

  3. Click Add Rule. Enter Rules with the Risk Filters and set the Actions accordingly. This example sets Actions for bot and TOR to DENY and CHALLENGE for VPN.

  4. After each rule is created, click Save to save the Workflow.

    Sample Workflow to Deny BOT and TOR IPs and Challenge VPNs

    Sample Workflow to Deny bot and TOR IPs and Challenge VPNs

Click Evaluate to test the rules and save the Workflow when finished.

Updated 3 months ago