Block Action
Action Type: BLOCK
Prevents potentially dangerous requests and operations from executing when a security threat is detected.
Available for: Cloud protection modules (Mobile and Desktop)
How It Works
When the Block action is triggered:
- The detected malicious operation is intercepted
- The operation is prevented from executing
- The application continues running normally
- A security incident is logged for analysis
The Block action provides a middle ground between allowing all operations (Log action) and terminating the application (Close action).
When to Use
Recommended for:
- Blocking suspicious API requests detected as malicious
- Preventing unauthorized cloud operations
- Stopping data exfiltration attempts
- Intercepting command injection attacks
Not recommended for:
- Local protection modules (not currently supported)
- Scenarios requiring complete application termination
Cloud Protection Modules
Cloud Protection Coming Soon
Cloud protection modules for the Android SDK are coming soon. When available for the Java SDK, they will enable real-time API call filtering, threat-based request blocking, secure cloud communication validation, and anomaly detection in cloud operations.
The Block action is currently supported only for cloud-based protection modules. These modules analyze network requests, API calls, and cloud-based threats. Standard local protection modules do not yet support the Block action in the Android SDK.
Configuration
JSON Configuration
{
"protections": [
{
"type": "NetworkTampering",
"action": "block",
"interval": 1000
}
]
}{
"protections": [
{
"type": "NetworkTampering",
"action": "block",
"interval": 1000
}
]
}Code-Based Configuration (Kotlin)
import com.bytehide.monitor.Monitor
import com.bytehide.monitor.core.action.ActionType
import com.bytehide.monitor.core.protection.ProtectionModuleType
Monitor.configure { config ->
config.addProtection(
ProtectionModuleType.NETWORK_TAMPERING,
ActionType.BLOCK,
1000
)
}import com.bytehide.monitor.Monitor
import com.bytehide.monitor.core.action.ActionType
import com.bytehide.monitor.core.protection.ProtectionModuleType
Monitor.configure { config ->
config.addProtection(
ProtectionModuleType.NETWORK_TAMPERING,
ActionType.BLOCK,
1000
)
}Code-Based Configuration (Java)
import com.bytehide.monitor.Monitor;
import com.bytehide.monitor.core.action.ActionType;
import com.bytehide.monitor.core.protection.ProtectionModuleType;
Monitor.configure(config -> {
config.addProtection(
ProtectionModuleType.NETWORK_TAMPERING,
ActionType.BLOCK,
1000
);
});import com.bytehide.monitor.Monitor;
import com.bytehide.monitor.core.action.ActionType;
import com.bytehide.monitor.core.protection.ProtectionModuleType;
Monitor.configure(config -> {
config.addProtection(
ProtectionModuleType.NETWORK_TAMPERING,
ActionType.BLOCK,
1000
);
});Best Practices
- Layer Defenses: Combine Block with Log actions on other modules
- Monitor Blocked Operations: Track which operations are being blocked to understand attack patterns
- Test Thoroughly: Ensure legitimate operations are not blocked by testing cloud integration
- Review Logs: Regularly review logs of blocked operations for security insights
Related Actions
Close Action
Terminate the application immediately
Log Action
Record incidents without blocking operations
Custom Action
Implement custom blocking or filtering logic