Contents x
    Additional Information
    • 13 Nov 2023
    • Print
    • Dark
      Light
    Contents

    Additional Information

    • Updated on 13 Nov 2023
    • Print
    • Dark
      Light
    Article Summary

    Async Activities

    Activities such as page_requested, block or async_monitor are sent through Syslog. This allows the module to send these activities to the HUMAN backend without blocking the request.

    Enable Module Header

    This configuration enables the module only when the configured header is present and its value is set to True.
    If enable_module_header_name configuration is empty then the module_enabled configuration will determine if the module is enabled or not.

    Example:

    tcl

    when HTTP_REQUEST {
...
    set send_page_activities 1
    set send_block_activities 1
    set enable_module_header_name "X-PX-ENABLE-MODULE"

}

    Test Block Flow on Monitoring Mode

    Allows you to test the enforcer’s blocking flow while it is still set to Monitor Mode.

    When the header name is set (x-px-block), and the value is set to 1, when there is a block response (for example from using a User-Agent header with the value of PhantomJS/1.0), Monitor Mode is bypassed and full Block Mode is applied. If one of the conditions is missing you will stay in Monitor Mode. This is done per request.
    To stay in Monitor Mode, set the header value to 0.

    The Header Name is configurable using the bypass_monitor_header property.

    tcl

    when HTTP_REQUEST {
...
    set bypass_monitor_header "x-px-block"
...
}

    Enrich Custom Parameters

    The px_add_custom_parameters function allows you to add up to 10 custom parameters to be returned to HUMAN servers on risk_api calls. When configured, the function is called before setting the payload on every risk_api request to HUMAN servers. The parameters should be passed in the correct order (i.e. if userid is set to custom-param1 in the HUMAN console, it should always be sent as x-px-custom-param1).

    To add a custom parameter, add the header key (for exapmle: x-px-custom-param<number>) and value to the custom_parameters list in the px_add_custom_parameters function. The header key is validated before being sent to ensure the right pattern (x-px-custom-param<x>) is used.

    tcl

    proc px_add_custom_parameters {} {
  # Custom function to add custom parameters to risk_api and async activities.
  set custom_parameters [list]
  # INSERT LOGIC HERE
  lappend custom_parameters "x-px-custom-param1" "UID"
  lappend custom_parameters "x-px-custom-param3" "SessionID"

  # The function must always return the custom_parameters list.
  return $custom_parameters
}
    Was this article helpful?
    What's Next