Installing the Enforcer

Prerequisites

To install Akamai EdgeWorker Enforcer, make sure you have access to Akamai’s Property Manager, EdgeWorkers, and NetStorage services.

EdgeWorker Installation Overview

The Akamai EdgeWorker installation has four steps:

  1. Compile and upload the PerimeterX Akamai EdgeWorker.
  2. Add the required static files to your Akamai NetStorage.
  3. Add the required Property Manager rules to your Akamai Property.
  4. Configure the enforcer by adding the relevant Property Variables to your Akamai Property.

Uploading the PerimeterX EdgeWorker Code

📘

Note!

Please ensure that the Akamai Edgeworker executes with the Dynamic Compute (200) resource tier. The enforcer will not work properly if the Edgeworker executes with the Basic Compute (100) resource tier.

PerimeterX will provide a zipped file with the Akamai EdgeWorker JavaScript code. In your Akamai account, navigate to the EdgeWorker section and create a new EdgeWorker with the provided file. Click into the created EdgeWorker and activate it in your desired environment (staging or production).

Uploading Static Files to NetStorage

PerimeterX will also provide you with a number of static (CSS, JS, and/or HTML) files for you to add into your Akamai NetStorage File Manager. Your Akamai Property will refer to this NetStorage account to retrieve these files.

3526

NetStorage

Adding PerimeterX Property Manager Rules

For the PerimeterX EdgeWorker to function properly in your Akamai Property, you will need to add the following rules at the very end of the Akamai Property Configuration. Refer to the outline and screenshots below for how to configure these rules.

  • PXEnforcerRule
    • PXBypassResponseProviderRule
      • PXSetGraphqlBypassResponseProviderRule
      • PXSetCIBypassResponseProviderRule
    • PXWorkerRule
    • PXStaticContentWorkerRule
    • PXBlockRule
    • PXSapiRule
      • PXFirstPartyClientRule
      • PXFirstPartyCaptchaRule
      • PXNoCacheRule
      • PXFirstPartyXHRRule
      • PXTelemetryRule
      • PXActivitiesRule
      • PXRiskApiRule
    • PXResponseRule
      • PXSetResponseProviderErrorRule
      • PXEdgeworkerFailureRule

Screenshots of these rules are found below.

1014

PXEnforcerRule

1014

PXBypassResponseProviderRule

1924

PXSetCIBypassResponseProviderRule

1958

PXSetGraphqlBypassResponseProviderRule

921

PXWorkerRule

921

PXStaticContentWorkerRule

856

PXBlockRule

939

PXSapiRule

856

PXFirstPartyClientRule

856

PXFirstPartyCaptchaRule

856

PXNoCacheRule

939

PXFirstPartyXHRRule

856

PXTelemetryRule

856

PXActivitiesRule

856

PXRiskApiRule

856

PXResponseRule

816

PXSetResponseProviderErrorRule

816

PXEdgeworkerFailureRule

Required Property Variables

The PerimeterX Application ID / AppId and PerimeterX Token / Auth Token can be found in the Bot Defender Portal, under Applications.

The PerimeterX Cookie Encryption Key can be found in the Bot Defender Portal, under Policies.

The Policy from where the Cookie Encryption Key is taken must correspond with the Application from where the Application ID / AppId and PerimeterX Token / Auth Token.

PX_APP_ID

PerimeterX Custom Application ID (appID) in its full format.
For example PX8N12knJ1 is the correct value while 8N12knJ1 is missing the PX prefix.

PX_AUTH_TOKEN

JWT token used for REST API.

PX_COOKIE_SECRET

The key used for cookie signing.

BYPASS_EW_RP_EVENT

This value should be set to true to prevent the responseProvider event from being called by default.

The following variables are used by the Akamai Enforcer and must be added to the Property Variables section. Their values should be left blank.

PX_CLIENT_IP

PX_EW_IP

PX_TLS_VERSION

PX_TLS_CIPHER_NAME

PX_TLS_PREFERRED_CIPHERS

PX_RP_STATUS

PX_RP_ERROR