Product guides

Configuration Options

Suggest Edits

The additional features described below allow you to fine-tune the Enforcer to your specific needs.

Guidelines

  • All Enforcer configuration options must be added to the sub vcl_init block, before calling px_module.setup() function.
  • All Enforcer configuration options are initiated by the px_module.setconf() function and must be written in this format (both "name" and "value" must be strings):
px_module.setconf("configuration name", "value");
  • If a configuration takes multiple values, each value must be written as a separate line. For example:
px_module.setconf("px_whitelist_uri_full", "/login");
px_module.setconf("px_whitelist_uri_full", "/user");
px_module.setconf("px_whitelist_uri_full", "/welcome");

Logger Severity

Sets the Logger Severity mode of the Enforcer.

Name: px_debug

Values:

  • false (default) - The Enforcer logs only errors and fatal events (e.g., exceptions).
  • true - The Enforcer logs all debugging events.

TO enable the feature, switch to true:

px_module.setconf("px_debug", "true")

Module Mode

Sets the working mode of the Enforcer.

Monitor mode - Use this mode to fine-tune and test your system. When in the Monitor mode, the Enforcer will pass through requests that would otherwise be blocked based on their score.
Active Blocking mode - Switch to this mode after making sure the Enforcer is operating properly in the Monitor mode. The Enforcer will block requests, if their score is equal to or higher than the set value.

Name: px_block_enabled

Values:

  • false - Monitor mode (default)
  • true - Active Blocking mode

To enable the Active Blocking mode, switch to true:

px_module.setconf("px_block_enabled", "true")

Updated 12 days ago