Integrate Server-Side Enforcement
How do I integrate HUMAN server-side enforcement?
Background
The Enforcer is a lightweight middleware installed on your Edge or Origin that implements HUMAN Bot Defender enforcement. On each request, HUMAN Bot Defender decrypts the HUMAN Cookie injected by the HUMAN Sensor. The encrypted cookie contains the Risk Score. According to that score the Enforcer decides whether to block or allow the request.
The below diagram explains the request flow through the Enforcer middleware at a high level.
Select an Enforcer Deployment Method
HUMAN has developed a number of standard packages and libraries that allow you to deploy the Enforcer into your existing infrastructure. In order to begin planning the Enforcer deployment, you need to decide whether to deploy at the Edge or Origin.
Deploying at the Edge
When deploying at the Edge, the work of the Enforcer is conducted within the CDN/Platform provider. All requests are handled at the Edge, and only the requests that the Enforcer allows to pass reach the customer's servers.
To deploy at the Edge, HUMAN has developed instructions for integration with a number of different providers. Choose from one of the following Edge/Platform integrations below:
- Akamai
- AWS Lambda Edge
- Cloudflare
- Fastly
- Kong
- Salesforce Commerce Cloud Cartridge
- Netlify Edge Function
Deploying at Origin
When deploying at Origin, the work of the Enforcer is conducted within the customer's infrastructure, whether in a frontend server or load balancer such as F5's BIGIP, NGINX and Apache, or within the customer's application logic using one of the programming libraries such as PHP, Node.JS and Python.
Please refer to out Supported Frameworks section for the full list of currently supported Enforcer integration options.
Have a look!
• You are still in monitoring mode (no blocking!)
• Now that the Sensor and Enforcer are integrated, you will see Simulated Blocks (What HUMAN could have blocked) in the console
Updated about 1 month ago