Configuration Properties
  • 10 Nov 2023
  • Dark

Configuration Properties

  • Dark

Article Summary


app_idHUMAN application idNONEString
cookie_secret_keyCookie hashing secret (salt)NONEString
auth_tokenJWT used to authenticate with px serversNONEString
enable_moduleSets the module on/off1int
module_modeSets the module working mode, 2 - blocking, 1 - sync monitor, 0 - async monitor2 - blockingint
whitelisted_routes_className of the class for Allowlist routes, please read additional informationpx_<APP_ID>_whitelisted_routesString
specific_routes_className of the class for specific routes, please read additional informationpx_APP_ID_specific_routesString
sensitive_routes_className of the class for sensitive routes, please read additional informationpx_APP_ID_sensitive_routesString
send_page_activitiesToggles send page requested activity0int
send_block_activitiesToggles send block activities1int
excluded_extensionsFlags which extensions the module will skipregex StringString
risk_vsCorrelates with the virtual server for making risk api callspx_backend_APP_ID_vipString
risk_timeoutSets the timeout for api calls (in milliseconds2500int
debugToggles debug mode on/off, see troubleshooting for more information0int
ip_headerCustom user header that contains real user ipNONEString
sensitive_headersList of sensitive headers not to send in risk api calls["cookie"]list
custom_logoPath to url that contains a logo to be displayed on default block pageNONEString
jf_refPath to url that contains a custom js file to inject into the default block pageNONEString
css_refPath to url that contains a custom css file to inject into the default block pageNONEString
allowed_domainsA list of domain names on which the enforcer will run on. Run on all if blank[""]list
enable_module_header_nameThe header name that should be used to enable the module (The header's value should be True)NoneString
whitelist_ipsA list of ips/CIDRs to allow. If empty all the requests will be processed.[""]list
bypass_monitor_headerThe header name that can be used to bypass monitor mode on blocking activities.NONEString
enable_advanced_blocking_responseToggles the use of advanced blocking response1int
custom_cookie_headerA header name which will be used to extract the HUMAN  cookie from.NONEString
enable_first_partyToggles first-party mode on/off.1int

Directives containing app_id

Some directives in the configuration may require a specific name which contains the appID of the application taken from the portal.

The name in the configuration must be identical to the name configured in the data group/virtual server/pool.

A mismatch in the name may lead to errors on the module

Was this article helpful?