Distil has assigned a threat value to each API request. Distil appends a header x-distil-threats with a value in each request sent from Distil to the origin. A value of 0 indicates that no threat has been identified.
If you’d like more information on x-distil-bot values related to our bot mitigation solution for web applications, see the Web X-Distil-Bot Values article.
The following table lists possible x-distil-threats values.
|
X-Distil-Threats |
Threat Type |
|
1 |
Blacklisted: Token |
|
2 |
Blacklisted: Country |
|
4 |
Blacklisted: Header |
|
8 |
Token Management Violation: No Token |
|
16 |
Rate Limited: |
|
32 |
Rate Limited: Graduated Requests Per Minute |
|
128 |
Rate Limited: Session Length |
|
256 |
Rate Limited: |
|
512 |
Rate Limited: Graduated Session Length |
|
1024 |
Rate Limited: Graduated Requests Per Session |
|
2048 |
Blacklisted: IP |
|
4096 |
Token Management Violation: Tokens Per IP |
|
8192 |
Token Management Violation: IPs Per Token |
|
131072 |
Token Management Violation: Invalid Token |
|
1048576 |
Blacklisted: Organization |
Multiple threats may be identified for a single request. As such, the value passed to origin is quite often a sum of the above values. A common value is 12289, which evaluates to:
|
X-Distil-Threats |
Threat Type |
|
1 |
Blacklisted: Token |
|
4096 |
Token Management: Violation: Tokens Per IP |
|
8192 |
Token Management: Violation: IPs Per Token |
TIP: Appending this value to your server logs can be invaluable in investigating suspicious traffic.
Whitelisted Requests
If a request is whitelisted, Distil assigns a whitelist value to the API request. Distil appends a header x-distil-whitelist with a value in each request sent from Distil to the origin.
The following table lists possible x-distil-whitelist values.
|
X-Distil-Whitelist |
Whitelist Type |
|
1 |
Identifier |
|
2 |
Country |
|
4 |
Header |
|
2048 |
IP |
|
1048576 |
Organization |
Comments