1 change: 1 addition & 0 deletions src/content/docs/en/pages/guides/index.mdx
Expand Up @@ -208,6 +208,7 @@ permalink: /documentation/products/guides/
- [How to install the A/B tests through Azion Marketplace](/en/documentation/products/guides/ab-testing-marketplace/)
- [How to install the Add Request ID integration through Azion Marketplace](/en/documentation/products/guides/add-request-id-header/)
- [How to install the Axur Cardstream integration through Azion Marketplace](/en/documentation/products/guides/axur-cardstream/)
- [How to install the Axur Leakstream integration through Azion Marketplace](/en/documentation/products/guides/axur-leakstream/)
- [How to install the Azion Bot Manager Lite integration from Azion Marketplace](/en/documentation/products/guides/bot-manager-lite/)
- [How to install DataDome Bot Protection through Azion Marketplace](/en/documentation/products/guides/datadome-bot-protection/)
- [How to install the Content Targeting integration through Azion Marketplace](/en/documentation/products/guides/content-targeting-integration/)
@@ -0,0 +1,200 @@
---
title: "How to Install the Axur Leakstream Integration"
description: >-
Protect your e-commerce from checker attacks and credential fraud with the Axur Leakstream integration, which monitors leaked credentials across the internet.
meta_tags: 'marketplace, security, integrations, e-commerce, credential leak, axur, leakstream'
namespace: docs_guides_axur_leakstream
permalink: /documentation/products/guides/axur-leakstream/
---

import LinkButton from 'azion-webkit/linkbutton'

**Axur Leakstream** is a Firewall integration that monitors internet activity in search of leaked credentials. It helps your e-commerce avoid checker attacks and protect your users' credentials by checking whether a given username and password combination has been exposed in any known data breach.

When a login request arrives at the edge, the function extracts the username and password from the request body, queries the Axur Leakstream API, and appends custom headers to the request. Your **Rules Engine** can then use those headers to take any action you need — such as blocking the request, redirecting the user, or triggering a secondary verification flow.

---

## Requirements

To start using this integration, you need to:

- Create an [Axur account](https://www.axur.com/en-us/) and subscribe to a Leakstream plan that matches the size of your customer base.
- Obtain an Axur **API Token** after your account is enabled.

---

## Getting the integration

To install this integration:

1. Access [Azion Console](/en/documentation/products/guides/how-to-access-azion-console/) > **Marketplace**.
2. On the Marketplace homepage, select the **Leakstream** card.
3. On the integration page, click the **Install** button.

You'll see a message indicating that your integration was successfully installed.

:::tip
You can search for any integration by browsing through the cards, using the filters, or typing a keyword in the search bar.
:::

---

## Configuring the integration

Once you've installed the **Axur Leakstream** integration, complete the steps below to configure it.

### Setting up a Firewall

Follow the steps:

1. On the upper-left corner, open the **Products menu** and select **Firewall** in the **Secure** section.
2. Click the **+ Firewall** button.
3. Give an easy-to-remember name to your firewall.
4. Enable the **Functions** switch in the **Modules** section.
- This action gives access to functions on your firewall.
5. Click the **Save** button.

Done. Now you've instantiated the firewall for your function and have access to functions on your firewall.

:::caution[Warning]
If a product or module is activated, it could generate usage-related costs. Check the [pricing page](/en/documentation/products/pricing/) for more information.
:::

### Setting up the Firewall function

While still on the **Firewall** page:

1. Select the **Functions Instances** tab.
2. Click the **+ Function Instance** button.
3. Give an easy-to-remember name to your instance.
4. On the dropdown menu, select the **Axur Leakstream** function.
5. In the **Arguments** box, pass your variables:

```json
{
"api_key": "YourAxurAPIKey",
"username_field": "user",
"password_field": "password",
"password_hash_type": "sha256",
"execute_hashing": false,
"leakstream_timeout": 60000
}
```

Where:

| Variable | Mandatory | Description |
| ---- | ---- | ---- |
| `api_key` | Yes | The API Token from your Axur account. Required unless the `AXUR_API_V1_LEAKSTREAM_API_KEY` environment variable is set |
| `username_field` | Yes | The name of the request body field that contains the username. Required unless the `AXUR_API_V1_LEAKSTREAM_USERNAME_FIELD` environment variable is set |
| `password_field` | No | The name of the request body field that contains the password |
| `password_hash_type` | No | The hashing algorithm used for the password. Accepted values: `md5`, `sha1`, `sha224`, `sha256`, `sha384`, `sha512` |
| `execute_hashing` | No | When set to `true`, the function automatically hashes the password using SHA-256 before sending it to the Axur API. Recommended when the frontend does not hash the password |
| `leakstream_timeout` | No | Connection timeout (in milliseconds) for requests to the Axur API. Defaults to `60000` (60 seconds) |

:::note
The function supports the following request content types: `application/json`, `application/x-www-form-urlencoded`, and `multipart/form-data`. Requests with other content types are passed through without calling the Axur API.
:::

6. Click the **Save** button.

### Setting up the Rules Engine

The Leakstream integration uses a **two-rule pattern** in the Rules Engine:

- **Rule 1** — triggers the Leakstream function on the target endpoint (for example, a login or account-creation form).
- **Rule 2** — triggers a second, custom response function on the same endpoint. This function reads the custom headers set by Leakstream and decides whether to block the request or allow it through.

The Firewall Rules Engine criteria does not support matching on custom request headers. Because of this, the blocking logic must live inside a second function that reads the `axur-leakstream-leaked` header from the request object and returns the appropriate response.

The table below describes the headers the Leakstream function adds to the request object:

| Header | Value | Description |
| ---- | ---- | ---- |
| `axur-leakstream-leaked` | `true` | The username and password combination was found in a data breach |
| `axur-leakstream-username-leaked` | `true` | The username alone was found in a data breach |
| `axur-leakstream-missing-username` | `true` | The username field was not found in the request body |
| `axur-leakstream-error` | `timeout`, `invalid-content-type`, or an HTTP status code | An error occurred while calling the Axur API |

#### Rule 1 — Run the Leakstream function

Still on the **Firewall** page:

1. Select the **Rules Engine** tab.
2. Click the **+ Rule Engine** button.
3. Give an easy-to-remember name to the rule (for example, `Run Leakstream`).
4. Select a *criteria* to restrict which requests trigger the Leakstream check.
- Example: if `Request Method` *is equal to* `POST` **and** `Request URI` *matches* `/login`.
- This avoids running the check on every request and limits it to login or account-creation endpoints.
5. Below, select **Run Function** as the *behavior* and choose the Leakstream function instance you created earlier.
6. Click the **Save** button.

#### Rule 2 — Act on the result

Before creating this rule, you need a second function instance that reads the `axur-leakstream-leaked` header and returns a custom response. For example, the function below returns an HTML warning page when the header is `true`:

```javascript
async function handleRequest(request) {
const leaked = request.headers.get('axur-leakstream-leaked');

if (leaked === 'true') {
const html = `<!DOCTYPE html>
<html lang="en">
<head>
<title>Warning!</title>
</head>
<body>
<h1>Warning!</h1>
<p>The combination of username and password provided was found in a data breach. You cannot use it.</p>
</body>
</html>`;
return new Response(html, {
status: 403,
headers: { 'content-type': 'text/html;charset=UTF-8' },
});
}

return fetch(request);
}

addEventListener('fetch', event => {
return event.respondWith(handleRequest(event.request));
});
```

After creating and instantiating the response function, add the second rule:

1. Click the **+ Rule Engine** button again.
2. Give an easy-to-remember name to the rule (for example, `Block leaked credentials`).
3. Set the *criteria* to match the **same endpoint** as Rule 1:
- Example: if `Request Method` *is equal to* `POST` **and** `Request URI` *matches* `/login`.
4. Select **Run Function** as the *behavior* and choose the response function instance.
5. Click the **Save** button.

:::note
The Firewall Rules Engine processes rules in order. Rule 1 (Leakstream) must have a **lower order number** than Rule 2 (response function) so the headers are set before the second function reads them.
:::

:::tip
Your response function can also read the `axur-leakstream-username-leaked` header to prompt users to change their password even when the exact username/password combination hasn't been confirmed as leaked.
:::

### Associating the Firewall with your domain

On the Console, you must now configure your domain so it is protected by your Firewall.

1. On the **Products menu**, select **Domains**.
2. Click on the domain you want to protect with your **Leakstream** function.
3. In the **Settings** section, click on the `Firewall` selector and choose the Firewall you've just created.
4. Click the **Save** button.

Done. Now the **Axur Leakstream** integration is running and protecting your users' credentials at the edge.

---

## Related documentation

- [Azion Integrations reference](/en/documentation/products/marketplace/integrations/)
- [How to install an integration](/en/documentation/products/marketplace/install-an-integration/)
- [How to update an integration](/en/documentation/products/marketplace/update-an-integration/)
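
Review bot: In the Arguments example under "Setting up the Firewall function", `"execute_hashing": false` is the value readers will copy, yet the table recommends `true` "when the frontend does not hash the password", and the page never says what is sent to the Axur API when a login form posts a plaintext password with hashing disabled. Suggest showing `"execute_hashing": true` in the sample, or stating explicitly what the function sends when it is `false`, and clarifying how `password_hash_type` (which accepts `md5` and `sha1`) interacts with `execute_hashing`, which the table says always uses SHA-256. Separately, the Rule 2 sample only checks `axur-leakstream-leaked` and falls through to `return fetch(request);` when `axur-leakstream-error` is set, so a timeout (default `leakstream_timeout` of `60000` ms) lets the login proceed unchecked; document that fail-open behaviour or show the error header being handled.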
Expand Up @@ -139,6 +139,7 @@ Integrations based on Firewall functions cover the following scenarios and use c
| Integration | Description |
|---|---|
| [Axur Cardstream](/en/documentation/products/guides/axur-cardstream/) | Protect your e-commerce from fraud with the Axur Cardstream integration. |
| [Axur Leakstream](/en/documentation/products/guides/axur-leakstream/) | Monitor leaked credentials and protect your users from checker attacks with the Axur Leakstream integration. |
| [Send Event to Endpoint](/en/documentation/products/guides/send-event-to-endpoint/) | Stream request data to an HTTP endpoint, taking the request data and transmitting it to a user-defined endpoint via JavaScript fetch API. |
| [reCaptcha](/en/documentation/products/guides/recaptcha/) | Protect your domains against bots, monitoring traffic in your website through the Google Dashboard for reCAPTCHA. |
| [hCaptcha](/en/documentation/products/guides/hcaptcha/) | Protect your domains against bots, monitoring traffic on your website by using the hCaptcha dashboard. |
1 change: 1 addition & 0 deletions src/content/docs/pt-br/pages/guias/guides.mdx
Expand Up @@ -212,6 +212,7 @@ permalink: /documentacao/produtos/guias/
- [Como utilizar a integração A/B testing através do Marketplace da Azion](/pt-br/documentacao/produtos/guias/ab-testing-marketplace/)
- [Como instalar a integração Add Request ID através do Azion Marketplace](/pt-br/documentacao/produtos/guias/add-request-id-header/)
- [Como instalar a integração Axur Cardstream através do Marketplace da Azion](/pt-br/documentacao/produtos/guias/axur-cardstream/)
- [Como instalar a integração Axur Leakstream através do Marketplace da Azion](/pt-br/documentacao/produtos/guias/axur-leakstream/)
- [Como instalar o DataDome Bot Protection através do Marketplace da Azion](/pt-br/documentacao/produtos/guias/datadome-bot-protection/)
- [Como utilizar a integração Azion Bot Manager Lite através do Marketplace da Azion](/pt-br/documentacao/produtos/guias/bot-manager-lite/)
- [Como utilizar a integração Content Targeting através do Marketplace da Azion](/pt-br/documentacao/produtos/guias/content-targeting-integration/)
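
Review bot: The added Axur Leakstream entry links to `/pt-br/documentacao/produtos/guias/axur-leakstream/`, but the only new guide among the files shown in this diff is the English page with permalink `/documentation/products/guides/axur-leakstream/`. Confirm the pt-br page is part of this PR or already exists; otherwise hold this entry back until the translation lands so the index does not carry a dead link.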