Configuration Options
PII (Personally Identifiable Information) Anonymization
Personally Identifiable Information (PII) is information that can be used on its own or with other information to identify a single person, or to identify an individual in context.
It is important for us to keep personal private information out of our servers. Therefore, by default, we do not send the request body and cookies to PerimeterX backend servers; the entire communication is based on header data.
PII is not a recommended setting. If PII is essential for your organization, contact PerimeterX Support.
When PII is enabled, PerimeterX does not store a client's full IP information (Client IP, HTTP Headers). In IPv4 this is done by zeroing the 4th IP octet (for example, the IP 1.2.3.4 will be stored as 1.2.3.0). In IPv6 this is done by zeroing the last four (4) octets (for example, the IP 1:2:3:4:1:2:3:4 will be stored as 1:2:3:4:1:2:3:0).
Removing the IP's last octet can result in a small reduction of detection capability, usually for the models and signatures that are based on IPs.
Module Enabled
A boolean flag to enable/disable the PerimeterX worker.
Default: true
Module Mode
Sets the working mode of the SFCC Cartridge.
Possible values:
- 0 - Monitor Mode
- 1 - Blocking Mode
Default: 0 - Monitor Mode
Blocking Score
Sets the minimum blocking score of a request.
Possible values:
- Any integer between 0 and 100.
Default: 100
First Party Enabled
Enables the module to send/receive data to/from the sensor, acting as a "reverse-proxy" for client requests and sensor activities.
To set up first party support, follow the Setting Up First Party section.
First Party Mode may also require additional changes on the sensor snippet. For more information, refer to the portal.
Possible values:
- true
- false
Default: false
Send Block Activities
A boolean flag to enable/disable sending block activities to PerimeterX with each request.
Default: true
Send Page Activities
A boolean flag to enable/disable sending activities and metrics to PerimeterX for each page request. Enabling this feature provides data that populates the PerimeterX portal with valuable information such as the number of requests blocked and API usage statistics.
Default: true
Debug Mode
Enables debug logging mode. The debug mode is modified in the Cartridge Preferences screen detailed above.
Default: false
Once enabled, PerimeterX debug messages are sent in the following template:
- [PerimeterX - DEBUG][APP_ID] - MESSAGE (for debug messages)
- [PerimeterX - ERROR][APP_ID] - MESSAGE (for error messages)
Log example of a valid request:
[2017-12-04 14:02:48.170 GMT] DEBUG PipelineCallServlet|9502992|Sites-SiteGenesis-Site|Default-Start|PipelineCall|jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== custom Sites-SiteGenesis-Site STOREFRONT jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== k1OX8IhVJVpqAAAK-0-00 9135655695325170688 - [PerimeterX - DEBUG][APP_ID] - Starting request verification
[2017-12-04 14:02:48.171 GMT] DEBUG PipelineCallServlet|9502992|Sites-SiteGenesis-Site|Default-Start|PipelineCall|jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== custom Sites-SiteGenesis-Site STOREFRONT jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== k1OX8IhVJVpqAAAK-0-00 9135655695325170688 - [PerimeterX - DEBUG][APP_ID] - Request context created successfully
[2017-12-04 14:02:48.171 GMT] DEBUG PipelineCallServlet|9502992|Sites-SiteGenesis-Site|Default-Start|PipelineCall|jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== custom Sites-SiteGenesis-Site STOREFRONT jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== k1OX8IhVJVpqAAAK-0-00 9135655695325170688 - [PerimeterX - DEBUG][APP_ID] - No Captcha cookie present on the request
[2017-12-04 14:02:48.171 GMT] DEBUG PipelineCallServlet|9502992|Sites-SiteGenesis-Site|Default-Start|PipelineCall|jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== custom Sites-SiteGenesis-Site STOREFRONT jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== k1OX8IhVJVpqAAAK-0-00 9135655695325170688 - [PerimeterX - DEBUG][APP_ID] - Cookie V3 found, Evaluating
[2017-12-04 14:02:48.394 GMT] DEBUG PipelineCallServlet|9502992|Sites-SiteGenesis-Site|Default-Start|PipelineCall|jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== custom Sites-SiteGenesis-Site STOREFRONT jLvMauivMBL8z7l1SRVBheAkTSR3zoHdk6G72IQQfr5SJs_uahpfrS7tfVKTaEHaVRs_WVcLLZMobrW6ugEcwA== k1OX8IhVJVpqAAAK-0-00 9135655695325170688 - [PerimeterX - DEBUG][APP_ID] - Cookie evaluation ended successfully, risk score: 0
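A small parser for the debug template above, added here as an illustration and not part of the PerimeterX cartridge: it pulls the level, app ID, message and risk score out of each line so debug output can be checked in bulk. The names parsePxLogLine and summarize and the sample lines are constructed; counting a score at or above the Blocking Score as blockable is an assumption based on the Blocking Score description.

```javascript
// Added example: matches "[<time> GMT] ... [PerimeterX - DEBUG|ERROR][APP_ID] - MESSAGE".
const PX_LINE = /^\[([^\]]+) GMT\].*?\[PerimeterX - (DEBUG|ERROR)\]\[([^\]]*)\] - (.*)$/;

// Returns the parsed fields, or null for lines that are not PerimeterX messages.
function parsePxLogLine(line) {
  const m = PX_LINE.exec(line);
  if (!m) return null;
  const score = /risk score: (\d+)/.exec(m[4]);
  return {
    time: m[1], level: m[2], appId: m[3], message: m[4],
    riskScore: score ? Number(score[1]) : null,
  };
}

// Collects error messages and risk scores; counts scores that reach blockingScore.
function summarize(lines, blockingScore) {
  const out = { parsed: 0, errors: [], scores: [], atOrAboveThreshold: 0 };
  for (const line of lines) {
    const entry = parsePxLogLine(line);
    if (!entry) continue; // unrelated storefront log line
    out.parsed++;
    if (entry.level === 'ERROR') out.errors.push(entry.message);
    if (entry.riskScore !== null) {
      out.scores.push(entry.riskScore);
      if (entry.riskScore >= blockingScore) out.atOrAboveThreshold++;
    }
  }
  return out;
}

// Constructed sample lines in the page's format (session token shortened to SESSION).
const PREFIX = 'PipelineCallServlet|9502992|Sites-SiteGenesis-Site|Default-Start|PipelineCall|SESSION custom - ';
const SAMPLE_LINES = [
  '[2017-12-04 14:02:48.170 GMT] DEBUG ' + PREFIX + '[PerimeterX - DEBUG][APP_ID] - Starting request verification',
  '[2017-12-04 14:02:48.394 GMT] DEBUG ' + PREFIX + '[PerimeterX - DEBUG][APP_ID] - Cookie evaluation ended successfully, risk score: 0',
  '[2017-12-04 14:02:49.010 GMT] DEBUG ' + PREFIX + '[PerimeterX - DEBUG][APP_ID] - Cookie evaluation ended successfully, risk score: 100',
  '[2017-12-04 14:02:49.500 GMT] ERROR ' + PREFIX + '[PerimeterX - ERROR][APP_ID] - constructed error text',
  '[2017-12-04 14:02:50.000 GMT] INFO ' + PREFIX + 'unrelated storefront message',
];

console.log(summarize(SAMPLE_LINES, 100));
```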
Sensitive Routes
A comma-separated list of route prefixes that trigger a server call to PerimeterX servers every time the page is viewed, regardless of viewing history.
Default: Empty
Sensitive Headers
A comma-separated list of headers that are not sent to PerimeterX servers on API calls.
Default: 'cookie', 'cookies'
Path Whitelist
A comma separated list of paths to filter.
For example: /Sites-Site/, /PXRedirect
Default: Empty
Allow by IP/CIDR
A comma separated list of IPs or CIDRs to allow.
For example: 192.168.0.100, 192.168.100.0/24
Default: Empty
IP Headers
A comma-separated list of trusted headers that specify an IP to be extracted. If the list is empty, the default IP header cf-connecting-ip is used.
Default: Empty
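How the Allow by IP/CIDR and IP Headers settings interact, as an added example that is not the cartridge's own code: the client IP is resolved from the trusted headers first, then matched against the allow-list. The function names, the header precedence (first configured header with a valid value wins) and the sample headers are assumptions; only IPv4 is handled.

```javascript
// Added illustration: names are hypothetical, not the cartridge's API. IPv4 only.

// Dotted-quad IPv4 -> unsigned 32-bit integer, or null if malformed.
function ipv4ToInt(ip) {
  const parts = String(ip).trim().split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

// Parse a setting such as "192.168.0.100, 192.168.100.0/24" into {base, mask} pairs.
function parseAllowList(setting) {
  return String(setting || '').split(',').map(s => s.trim()).filter(Boolean).map(entry => {
    const pieces = entry.split('/');
    const [addr, prefix = '32'] = pieces;
    const base = ipv4ToInt(addr);
    if (pieces.length > 2 || base === null || !/^\d{1,2}$/.test(prefix) || Number(prefix) > 32) {
      throw new Error('Invalid allow-list entry: ' + entry); // reject typos instead of guessing
    }
    const bits = Number(prefix);
    const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
    return { base: (base & mask) >>> 0, mask };
  });
}

// Resolve the client IP from the configured trusted headers, in order (an assumption);
// an empty setting falls back to cf-connecting-ip, as the page states.
function resolveClientIp(headers, ipHeadersSetting) {
  const names = String(ipHeadersSetting || '').split(',')
    .map(s => s.trim().toLowerCase()).filter(Boolean);
  if (names.length === 0) names.push('cf-connecting-ip');
  for (const name of names) {
    const value = headers[name];
    if (typeof value === 'string' && ipv4ToInt(value) !== null) return value.trim();
  }
  return null;
}

// True only when the IP parses and falls inside an entry; unresolved IPs are never allowed.
function isAllowed(ip, allowList) {
  const n = ipv4ToInt(ip);
  return n !== null && allowList.some(e => ((n & e.mask) >>> 0) === e.base);
}

// Constructed request headers (lower-cased names) and the page's example allow-list.
const sampleHeaders = { 'cf-connecting-ip': '203.0.113.9', 'x-forwarded-for': '192.168.100.77' };
const allowList = parseAllowList('192.168.0.100, 192.168.100.0/24');
console.log(isAllowed(resolveClientIp(sampleHeaders, ''), allowList)); // false
```

The allow decision depends on which header the IP is read from, so list under IP Headers only headers that your CDN or load balancer sets itself and overwrites on every request.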
CSS Ref
Modifies a custom CSS by adding the CSSRef directive and providing a valid URL to the CSS.
Default: Empty
JS Ref
Adds a custom JS file by adding JSRef directive and providing the JS file that is loaded with the block page.
Default: Empty
Custom Logo
The logo is displayed at the top of the block page.
Max-height = 150px, Width = auto.
Default: Empty
Custom Block Page Template
The template name to use to render a block page.
Default: block_template (the default block page template)
Enrich Custom Parameters
With the enrichCustomParams function you can add up to 10 custom parameters to be sent back to PerimeterX servers. When set, the function is called before setting the payload on every request to PerimeterX servers. The parameters should be passed according to the correct order (1-10).
This property cannot be set using Business Manager but can only be added directly to the pxConfig.js file. The function receives an array of custom parameters (customParams) and must return it once set.
Default: Empty
Example:
...
pxConfig["enrichCustomParameters"] = function(customParams) {
    customParams["custom_param1"] = "yay, test value";
    return customParams;
};
...
Test Block Flow on Monitoring Mode
Allows you to test an enforcer’s blocking flow while you are still in Monitor Mode.
When the header name is set (e.g. x-px-block) and the value is set to 1, and there is a block response (for example, from using a User-Agent header with the value of PhantomJS/1.0), the Monitor Mode is bypassed and full block mode is applied. If one of the conditions is missing you will stay in Monitor Mode. This is done per request.
To stay in Monitor Mode, set the header value to 0.
The Header Name is configurable using the Bypass Monitor Mode Header property.
Default: Empty
Updated 9 months ago