General Enforcer Information

The PerimeterX Enforcer is a lightweight SDK responsible for the enforcement functionality of PerimeterX products, including Bot Defender & Code Defender.

For each activity on the PerimeterX Enforcer, an async request is sent to the PerimeterX Detector. The PerimeterX Detector in turn sends a command to the PerimeterX Enforcer via a cookie, or as a synchronous s2s request if a cookie is not present (and in other cases such as if the cookie expired, cookie validation/decryption failed, sensitive route, etc.) as to the appropriate course of action (allow, block, challenge, etc.).

The Enforcer SDK is integrated within your web application. On each request it decrypts PerimeterX cookie that is injected by the PX Sensor. The encrypted cookie contains the Risk Score. According to that score the enforcer decides whether to block or allow the request. If the cookie is missing or if it is invalid / expired, The enforcer will send a synchronous request with relevant data to the PerimeterX Detector. In return, it will get a risk score, and will enforce the request accordingly.