Module Configuration

Module Configuration

Required NGINX Configuration

The following NGINX configurations are required to support the PerimeterX NGINX C-Core module:

Resolver

The Resolver directive must be configured in the HTTP section of your NGINX configuration.

• Set the resolver, resolver A.B.C.D;, to an external DNS resolver, such as Google (resolver 8.8.8.8;),

or

• Set the resolver, resolver A.B.C.D;, to the internal IP address of your DNS resolver (resolver 10.1.1.1;).

This is required for NGINX to resolve the PerimeterX API.

Required PerimeterX Module Configuration

The following parameters are mandatory:

• px_enabled
• px_appId
• px_cookie_secret
• px_auth_token

-- ## Required Parameters ##
px_enabled true;
px_appId "<PX_APP_ID>";
px_auth_token "<PX_AUTH_TOKEN>";
px_cookie_secret "<COOKIE_ENCRYPTION_KEY>";

• px_appId - The PerimeterX custom application id in the format of PX__ .
• px_cookie_secret - The key used by the cookie signing page. The Cookie Key is generated in the PerimeterX Portal Policy page.
• px_auth_token - The JWT token for REST API. The Authentication Token is generated in PerimeterX Portal Application page.

nginx.conf Example

The following nginx.conf example contains the minimum required configuration for the PerimeterX NGINX C-Core module:

worker_processes  1;
error_log /var/log/nginx/error.log debug;
events {
    worker_connections 1024;
}

http {
    real_ip_header X-Forwarded-For;
    resolver 8.8.8.8;

    server {
        listen 80;
        listen [::]:80;

        px_enabled true;
        px_appId "<PX_APP_ID>";
        px_auth_token "<PX_AUTH_TOKEN>";
        px_cookie_secret "<COOKIE_ENCRYPTION_KEY>";

        location / {
            root   /nginx/www;
            index  index.html;
            include  /nginx/conf/mime.types;
        }
    }
}