Contents x
    Basic Configuration
    • 10 Nov 2023
    • Print
    • Dark
      Light
    Contents

    Basic Configuration

    • Updated on 10 Nov 2023
    • Print
    • Dark
      Light
    Article Summary

    Basic Configuration Example

    By default, the iRule contains the following configuration options:

    when HTTP_REQUEST {
    set module_version "F5 BIG-IP 2.3.0"
    set app_id "APP_ID"
    set cookie_secret_key "COOKIE_SECRET"
    set auth_token "AUTH_TOKEN"
    set enable_module 1
    set module_mode 2
    set whitelisted_routes_class "px_APP_ID_whitelisted_routes"
    set specific_routes_class "px_APP_ID_specific_routes"
    set sensitive_routes_class "px_APP_ID_sensitive_routes"
    set send_page_activities 1
    set send_block_activities 1
    set excluded_extensions "\.(css|bmp|tif|ttf|docx|woff2|js|pict|tiff|eot|xlsx|csv|eps|woff|xls|jpeg|jpg|doc|ejs|otf|pptx|gif|pdf|swf|svg|ps|ico|pls|midi|svgz|class|png|ppt|mid|webp|jar)$"
    set risk_vs "px_backend_APP_ID_vip"
    set risk_timeout 2500
    set debug 0
    set ip_header ""
    set sensitive_headers [list "cookie"]
    set custom_logo ""
    set js_ref ""
    set css_ref ""
    set collector_url "https://collector-${app_id}.perimeterx.net"
    set allowed_domains [list ""]
    set whitelist_ips [list ""]
    set enable_module_header_name ""
    set bypass_monitor_header ""
    set enable_advanced_blocking_response 1
    set custom_cookie_header ""
    set enable_first_party 1
}

    Update the following required properties:

    • app_id - The HUMAN application id in the format of PX__. The application id can be found in the Applications section on the PerimeterX Portal.
    • cookie_secret_key - The key used by the cookie signing page. The Cookie Key is generated in the Policies section on the PerimeterX Portal.
    • auth_token - The JWT token for REST API. The Authentication Token is generated in the Applications section on the PerimeterX Portal.

    Make sure to replace APP_ID in risk_vs with the same application_id you set for app_id.

    Block Score Configuration.

    Configuring the block score is done in PerimeterX Portal.

    BIGIP F5 Enforcer uses a binary cookie. The binary cookie does not store the score value on the cookie on the parsed jSON.

    In order to set a blocking threshold for the binary cookie:

    1. Log into the PerimeterX Portal
    2. On Admin tab select POLICIES
    3. Select Risk Cookie drop-down menu
    4. Select "Advanced Mode" and press Continue
    5. Unselect v1/v3 if selected and select v2, the binary score should be un-greyed
    6. Set a value and apply changes.

    HUMAN recommendation is to set the blocking threshold to 100.

    Was this article helpful?
    What's Next