Google Callout Enforcer
This guide describes how to install and configure self-hosted HUMAN Callout Enforcer.
General information
HUMAN Callout Enforcer is a service running on client premises, which communicates with the client's Envoy's "ext_proc" (External Processing) filter.
For every request Envoy sends Request Headers to Callout Enforcer and waits for the Status Response. Status Response could be either "pass" or "block and display Captcha page".
Details about HUMAN Callout Enforcer
- by default it uses configuration file named
pxconf.json, located in/etcfolder - by default it listens on
50051port perimeterx/px_callout_enforcer:latestdocker image contains HUMAN Callout Enforcer application
Configure steps for Envoy and HUMAN Callout Enforcer
- Configure Envoy's ext_proc filter Details
- Add a new "callout" cluster to Envoy configuration Details
- Configure HUMAN Callout Enforcer (
pxconf.jsonfile) Details - Pull and run
perimeterx/px_callout_enforcer:latestdocker image (mountpxconf.jsonto/etc/pxconf.jsonfile in the container and expose 50051 port) Details
Optional steps
- Enable SSL/TLS certificate Details
Testing
Complete example of both Envoy and HUMAN Callout Enforcer configuration and commands could be found here: Complete Example
Updated 30 days ago