Using AWS Lambad@edge and Cloudfront with https://Apility.io API to add to the request headers information of the blacklists of abusers that contains the IP address of the client.

aws-lambdaedge-apilityio-add-header.js

'use strict';

const http = require('http');
exports.handler = (event, context, callback) => {
    var startTime = new Date();
    const request = event.Records[0].cf.request;
    let clientIp = request.clientIp;
    var options = {
        host: "api.apility.net",
        path: "/badip/" + clientIp,
        headers: {
            "Accept": "application/json",
            "X-AUTH-TOKEN": "APILITYIO_API_KEY"
        }
    };
    http.get(options, (resp) => {
      let code = resp.statusCode;
      let blacklists = "";
      if (code==200) {
          let data = '';
          resp.on('data', (chunk) => {
            data += chunk;
          });
          resp.on('end', () => {
            blacklists = JSON.parse(data)['response'].join(',');
            request.headers['apilityio-badip'] = [{ 'key': 'Apilityio-Badip', 'value': blacklists }];
            var endTime = new Date();      
            request.headers['apilityio-elapsed-time'] = [{ 'key': 'Apilityio-Elapsed-Time', 'value': (endTime - startTime).toString() }];
            callback(null, request);
          });
      }
      else {
        if (code==429) {
          blacklists = "Quota exceeded.";
        }
        request.headers['apilityio-badip'] = [{ 'key': 'Apilityio-Badip', 'value': blacklists }];
        var endTime = new Date();      
        request.headers['apilityio-elapsed-time'] = [{ 'key': 'Apilityio-Elapsed-Time', 'value': (endTime - startTime).toString() }];
        callback(null, request);
      }
    }).on("error", (err) => {
      console.log("Error: " + err.message);
      callback(null, request);
    });
}


;

aws-lambdaedge-clientip-addheader.js

'use strict';

exports.handler = (event, context, callback) => {
    const request = event.Records[0].cf.request;
    let clientIp = request.clientIp;
    request.headers['client-ip'] = [{ 'key': 'Client-Ip', 'value': clientIp }];
    callback(null, request);
}
;