Configuration
The initial configuration is determined during the installation process.
Once the Enforcer is installed, you can change its configuration through the Akamai Property Editor. Below you will find a description of all the defined Property Variables for the ESI Enforcer.
Property Variables Configuration
The following variables should be configured according to your Akamai ESI Enforcer setup.
PMUSER_PX_APP_ID
The app id.
Default Value:Â N/A
Visibility:Â Visible
PMUSER_PX_AUTH_TOKEN
The authentication token for the Risk API.
Default Value:Â N/A
Visibility:Â Hidden
PMUSER_PX_COOKIE_SECRET
The hash key for the cookie HMAC.
Default Value: N/A
Visibility: Hidden
PMUSER_PX_S2S_TIMEOUT
The risk API timeout limit in milliseconds. (Note: needs to be updated in risk_request.esi file as well!)
Default Value:Â 3000
Visibility:Â Visible
PMUSER_PX_MODULE_ENABLED
Indicates whether the enforcer is enabled.
Possible Values: true / false
Default Value: true
Visibility: Visible
PMUSER_PX_MODULE_MODE
Indicates whether monitor mode is enabled on the enforcer.
Possible Values: monitor / active_blocking
Default Value: monitor
Visibility: Visible
PMUSER_PX_FIRST_PARTY_ENABLED
Indicates whether first party is enabled.
Possible Values: true / false
Default Value: true
Visibility: Visible
PMUSER_PX_CUSTOM_LOGO
A URL to a custom logo for the block page. Max height: 150px, width: auto.
Default Value: Empty
Visibility: Visible
PMUSER_PX_JS_REF
A URL to an additional JS script to run after the default JS scripts on the block page.
Default Value: Empty
Visibility: Visible
PMUSER_PX_CSS_REF
A URL to an additional CSS file to apply design to the block page.
Default Value: Empty
Visibility: Visible
PMUSER_PX_SENSITIVE_ROUTES
Regex (PCRE) for sensitive routes. All requests whose paths match this regex will be considered sensitive, and a Risk API call will be made regardless of any cookies on the request.
Default Value: Empty
Example Value: ^(/login.*)|(/sign-in)$
Visibility: Visible
PMUSER_PX_ENFORCER_DIR
The root directory of the enforcer ESI files in NetStorage. Note: Must end with a trailing slash.
Default Value: /px_enforcer/
Visibility: Visible
PMUSER_PX_SHARED_SECRET
Security feature to validate if the route back from post request domain is valid (safeguards against requests trying to bypass the enforcer).
Default Value: N/A
Visibility: Hidden
Placeholder Variables
The following variables should be configured in the Akamai Property and left blank.
PMUSER_PX_FROM_AKAM
Placeholder for the extracted security header.
Visibility: Hidden
PMUSER_PX_CHECK_ROUTE
Placeholder for checking route back from post forwarded domain.
Visibility: Hidden
PMUSER_PX_COOKIE_V2
Placeholder for _px2 cookie from the request.
Visibility: Visible
PMUSER_PX_COOKIE_V2_U
Placeholder for 'u' field as extracted from _px2 cookie.
Visibility: Visible
PMUSER_PX_COOKIE_V2_T
Placeholder for t' field as extracted from _px2 cookie.
Visibility: Visible
PMUSER_PX_COOKIE_V2_V
Placeholder for 'v' field as extracted from _px2 cookie.
Visibility: Visible
PMUSER_PX_COOKIE_V2_H
Placeholder for 'h' field as extracted from _px2 cookie.
Visibility: Visible
PMUSER_PX_COOKIE_V2_UA
Placeholder for user-agent header that arrived in the request.
Visibility: Visible
PMUSER_PX_COOKIE_V2_HMAC_PASS
Placeholder for valid passing cookie hmac format.
Visibility: Visible
PMUSER_PX_COOKIE_V2_HMAC_BLOCK
Placeholder for valid blocking cookie hmac format.
Visibility: Visible
PMUSER_PX_REQUEST_ID
Placeholder for request ID.
Visibility: Visible
Updated 12 days ago