The tutorial video below covers the same topics as this article.
Much like the Malicious Countries Report (available from the Web Security header of the Distil Networks Portal), the Countries Report displays those countries hosting the most abusive or malicious requests targeting your APIs.
Use this report to isolate problem countries and blacklist them from making future attempts.
Accessing the Countries Report
- Log in to the Distil Networks Portal.
- Click API Security on the banner menu.
- Click Reports on the left panel.
- Click Countries.
Reviewing the Countries Report
The Countries Report includes:
- Date Filter (upper-right corner) – Select a specific date range to view.
- Countries with Violations table – Review and manage the top countries sending abusive requests.
- Top 5 Countries by Number of Violations – Displays a graphical representation of the top countries associated with abusive requests. You can add or remove a country from the graph by selecting it from the legend.
Click any country record from within the Countries with Violations table to display additional information, including the total number of specific violations (shown below).
NOTE: Selecting a record also opens Access Controls dialog box to let you blacklist the country from accessing your API.
Blacklisting Countries via the Countries Report
Having identified a troublesome country (-ies) in the Countries Report, use the Access Controls dialog box to blacklist it and stop future attempts.
- Select the checkbox adjacent to any country to open the Access Controls dialog box.
NOTE: You can optionally select a Domain and Security Setting Rule to target a specific domain. Do not make a selection if you wish to blacklist the country from all of your protected API domains.
- Click [Blacklist].
- Click Blacklist to save the settings, thereby blacklisting any future requests originating from the selected country.