Installing the Enforcer
Installing the Worker Manually
PerimeterX Cloudflare Worker is a unified script designed to be installed on Cloudflare's workers feature.
Bundling the Worker Source Files
If you already have the bundled JavaScript file, skip to the Installing the Cloudflare Worker section.
To bundle the worker source files into a unified javascript file that can be hosted on Cloudflare:
- Open the
custom/pxConfig.json
file in a text editor of your choice. Update the following required properties:
- px_app_id
- px_cookie_secret
- px_auth_token
Note
These parameters are available in the Platform Settings within the PerimeterX portal.
- Run the
npm install
command to install the dependencies. - Run the command
npm run build
inside of the PerimeterX Cloudflare Worker folder to build the module.
A dist folder containing aworkerBundle.js
file is created. This is the file that is uploaded to Cloudflare in the following section
Installing the Cloudflare Worker
- Open the Cloudflare dashboard of your domain. Click
Workers
>Manage Workers
>Create a Worker
. - Copy the content of the
workerBundle.js
file to the editor in theScript
tab and clickSave and Deploy
.
Configuring the Cloudflare Worker Routes
- Open the Cloudflare dashboard of your domain. Click
Workers
>Add route
- Configure the route and assign the created worker to it. you can configure two kinds of routes:
- The entire site - Define
*.yourdomain.com/*
as the route. - On specific routes - Define each route on which to run the worker.
- Click
Save
. The configuration is saved.
Installing the worker via Wrangler
Wrangler is a CLI tool designed to build and deploy Cloudflare Workers. It allows you to develop modern ES6 applications with module support and using webpack to build your project. The PerimeterX Cloudflare Worker project is integrated with the Wrangler mechanism. Your project needs some configuration before you can publish your Worker. The configuration values are stored in a wrangler.toml
file. You need to manually edit this file to add these values before you can publish.
In order to deploy the PerimeterX Worker to your Cloudflare account:
- In your Cloudflare environment create a new KV Namespace and name it
PXKV
. - Clone the repository to your local environment.
- Go to
perimeterx-cloudflare-worker/src/templates/wrangler.inc
and copy the file to the main project directory (i.eperimeterx-cloudflare-worker
) and name itwrangler.toml
. - Edit the file with your account values:
WORKER_NAME - The worker name as it will appear in the Cloudflare dashboard.
ACCOUNT_ID - Cloudflare's account ID.
ZONE_ID - Cloudflare's zone ID.
WORKER_ROUTE - The route (or routes prefix) on the customer's domain to apply the worker on.
NAMESPACE_ID - The namespace id of the one created in step 1. - Run
npm install
andwrangler publish
from the project's main directory. - The worker should be deployed and active on the given route.
Installing CSP Enforcement
Important Notice
The following feature (CSP enforcement) is optional and is intended for Code Defender customers.
The following steps are required in order to enable PerimeterX Cloudflare worker CSP support. You need to create a new cron trigger scheduler and a KV namespace, named PXKV
, and bind it to your worker as follow:
- In your worker dashboard, go to Manage KV namespaces.
- Name the new namespace PXKV and click Add.
- Add binding from your worker to the namespace, go to Manage Workers-> your_worker-> Settings-> KV Namespace Bindings, click Edit variables, and add a record for
- Variable name - PXKV
- KV namespace - PXKV
- Add cron trigger. In the same screen go to Triggers and select Add Cron Trigger
- Enter the cron expression to select the refresh interval for getting CSP policy updates from PerimeterX (recommended 5 minutes - cron expression
*/5 * * * *
)
Updated 4 months ago