Installing the Enforcer

Prerequisites

To install Akamai EdgeWorker Enforcer, make sure you have access to Akamai’s Property Manager, EdgeWorkers, and NetStorage services.

EdgeWorker Installation Overview

The Akamai EdgeWorker installation has four steps:

1. Compile and upload the HUMAN Akamai EdgeWorker.
2. Add the required static files to your Akamai NetStorage.
3. Add the required Property Manager rules to your Akamai Property.
4. Configure the enforcer by adding the relevant Property Variables to your Akamai Property.

Uploading the HUMAN EdgeWorker Code

HUMAN will provide a zipped file with the Akamai EdgeWorker JavaScript code. In your Akamai account, navigate to the EdgeWorker section and create a new EdgeWorker with the provided file. Click into the created EdgeWorker and activate it in your desired environment (staging or production).

Uploading Static Files to NetStorage

HUMAN will also provide you with a number of static (CSS, JS, and/or HTML) files for you to add into your Akamai NetStorage File Manager. Your Akamai Property will refer to this NetStorage account to retrieve these files.

 

Adding HUMAN Property Manager Rules

For the HUMAN EdgeWorker to function properly in your Akamai Property, you will need to add the following rules at the very end of the Akamai Property Configuration. Refer to the outline and screenshots below for how to configure these rules.

• PXEnforcerRule
  • PXBypassResponseProviderRule
    • PXSetGraphqlBypassResponseProviderRule
    • PXSetCIBypassResponseProviderRule
  • PXWorkerRule
  • PXStaticContentWorkerRule
  • PXBlockRule
  • PXSapiRule
    • PXFirstPartyClientRule
    • PXFirstPartyCaptchaRule
    • PXNoCacheRule
    • PXFirstPartyXHRRule
    • PXTelemetryRule
    • PXActivitiesRule
    • PXRiskApiRule
  • PXResponseRule
    • PXSetResponseProviderErrorRule
    • PXEdgeworkerFailureRule

Screenshots of these rules are found below.

EnforcerRuleH

 

 

SetCIBypassResponseProviderRule

 

SetGraphqlBypassResponseProviderRule

 * In case you'd like to filter additional HTTP methods please follow instructions under "Filter by HTTP Method" in Configuration options 

WorkerRule

 

StaticContentWorkerRule

 

BlockRule

 

SapiRule

 

FirstPartyClientRule

 

FirstPartyCaptchaRule

 

NoCacheRule

 

FirstPartyXHRRule

 

TelemetryRule

 

ActivitiesRule

 

RiskApiRule

 

ResponseRule

 

SetResponseProviderErrorRule

 

EdgeworkerFailureRule

 

Required Property Variables

The HUMAN Application ID / AppId and HUMAN Token / Auth Token can be found in the Bot Defender Portal, under Applications.

The HUMAN Cookie Encryption Key can be found in the Bot Defender Portal, under Policies.

The Policy from where the Cookie Encryption Key is taken must correspond with the Application from where the Application ID / AppId and HUMAN Token / Auth Token.

PX_APP_ID

HUMAN Custom Application ID (appID) in its full format.
For example PX8N12knJ1 is the correct value while 8N12knJ1 is missing the HUMAN prefix.

PX_AUTH_TOKEN

JWT token used for REST API.

PX_COOKIE_SECRET

The key used for cookie signing.

BYPASS_EW_RP_EVENT

This value should be set to true to prevent the responseProvider event from being called by default.

The following variables are used by the Akamai Enforcer and must be added to the Property Variables section. Their values should be left blank.

• PX_CLIENT_IP
• PX_EW_IP
• PX_TLS_VERSION
• PX_TLS_CIPHER_NAME
• PX_TLS_PREFERRED_CIPHERS
• PX_RP_STATUS
• PX_RP_ERROR