Basic Configuration

Basic Configuration Example

By default, the iRule contains the following configuration options:

when HTTP_REQUEST {
    set module_version "F5 BIG-IP 2.3.0"
    set app_id "APP_ID"
    set cookie_secret_key "COOKIE_SECRET"
    set auth_token "AUTH_TOKEN"
    set enable_module 1
    set module_mode 2
    set whitelisted_routes_class "px_APP_ID_whitelisted_routes"
    set specific_routes_class "px_APP_ID_specific_routes"
    set sensitive_routes_class "px_APP_ID_sensitive_routes"
    set send_page_activities 1
    set send_block_activities 1
    set excluded_extensions "\.(css|bmp|tif|ttf|docx|woff2|js|pict|tiff|eot|xlsx|csv|eps|woff|xls|jpeg|jpg|doc|ejs|otf|pptx|gif|pdf|swf|svg|ps|ico|pls|midi|svgz|class|png|ppt|mid|webp|jar)$"
    set risk_vs "px_backend_APP_ID_vip"
    set risk_timeout 2500
    set debug 0
    set ip_header ""
    set sensitive_headers [list "cookie"]
    set custom_logo ""
    set js_ref ""
    set css_ref ""
    set collector_url "https://collector-${app_id}.perimeterx.net"
    set allowed_domains [list ""]
    set whitelist_ips [list ""]
    set enable_module_header_name ""
    set bypass_monitor_header ""
    set enable_advanced_blocking_response 1
    set custom_cookie_header ""
    set enable_first_party 1
}

Update the following required properties:

  • app_id - The PerimeterX application id in the format of PX__. The application id can be found in the Applications section on the PerimeterX Portal.
  • cookie_secret_key - The key used by the cookie signing page. The Cookie Key is generated in the Policies section on the PerimeterX Portal.
  • auth_token - The JWT token for REST API. The Authentication Token is generated in the Applications section on the PerimeterX Portal.

Make sure to replace APP_ID in risk_vs with the same application_id you set for app_id.

Block Score Configuration.

Configuring the block score is done in PerimeterX Portal.

BIGIP F5 Enforcer uses a binary cookie. The binary cookie does not store the score value on the cookie on the parsed jSON.

In order to set a blocking threshold for the binary cookie:

  1. Log into the PerimeterX Portal
  2. On Admin tab select POLICIES
  3. Select Risk Cookie drop-down menu
  4. Select "Advanced Mode" and press Continue
  5. Unselect v1/v3 if selected and select v2, the binary score should be un-greyed
  6. Set a value and apply changes.

PerimeterX recommendation is to set the blocking threshold to 100.


Did this page help you?