For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
HUMAN DashboardHUMAN WebsiteRequest a Demo
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
  • General
    • About Enforcers
    • Support first-party HUMAN calls
    • Troubleshoot Enforcer configurations
  • Enforcer frameworks
    • Akamai ESI
    • Apache - C Module
    • ASP.NET
    • Callout Enforcer
    • Envoy Proxy
    • F5 BIGIP
    • Fastly JavaScript Compute@Edge
      • Fastly VCL changelog
        • Installing the Enforcer
        • GraphQL Support
        • Sensitive GraphQL Operations
        • Basic Configuration
        • Customized Subroutines
        • Additional Activity Handler
        • Advanced Blocking Response
        • Creating and Configuring the Edge-Dictionary
        • Custom CSS
        • Custom First Party Sensor Endpoint
        • Custom Logo
        • Custom JS Script
        • Custom Parameters
        • Filter Requests
        • Filter by HTTP Method
        • Filter by Route
        • Filter by Extension
        • Filter by IP
        • Filter by User Agent
        • Data Enrichment
        • First Party
        • First Party Snippet
        • Enforced Routes
        • Login Credentials Extraction
        • Modify First Party Response
        • Module Context Object
        • Module Enabled
        • Module Mode
        • Monitored Routes
        • Returning A Custom Block Page
        • Sensitive Routes
        • Test Block Flow on Monitoring Mode - Bypass Monitor Header
        • Upgrading the Enforcer
    • Google Cloud Platform (GCP) Callout Enforcer
    • Kong Plugin
    • NGINX - C Module
    • NGINX - LUA Module
    • PHP
    • Python
    • Ruby
    • Salesforce Commerce Cloud Cartridge
LogoLogo
Login
Login
HUMAN DashboardHUMAN WebsiteRequest a Demo
Enforcer frameworksFastly VCLV9 and Below

First Party

Was this page helpful?
Previous

First Party Snippet

Next
Built with

To prevent suspicious or unwanted behavior on the client side, some browsers or extensions (such as an Adblock extension) may deny the frontend JavaScript code from making requests to other domains. This prevents the HUMAN Sensor from making requests to the HUMAN servers, which greatly limits our detection capabilities.

To avoid this, the First Party feature enables the Enforcer to be used as a proxy for HUMAN servers, and to serve content to the browser from a first party endpoint (i.e., an endpoint on the customer’s domain).

When the First Party feature is enabled, the Enforcer serves as a proxy for:

  • HUMAN JS Sensor Client script
  • HUMAN CAPTCHA JS script
  • Proxy activities sent from the HUMAN JS Sensor Client to the HUMAN backend servers (XHR)

The First Party feature configuration defines whether the Enforcer will respond to or ignore any of the above first-party calls.

We recommend to keep the First Party enabled at all times.
However, if for some reason you need to disable the First Party feature, follow the steps below:

v8.0.0 and up

  1. Open the PX_CONFIG.vcl file.
  2. Change the px_first_party_enabled value to “false” (disabled). The default value is “true” (enabled).
1table px_configs {
2  "px_first_party_enabled": "false",
3}

v7.2.0 and below

  1. Open the PX_CONFIG.vcl file.
  2. Change the FIRST_PARTY_MODE value to “0” (disabled). The default value is “1” (enabled).
1table px_configs {
2  "FIRST_PARTY_MODE": "0",
3}
Test
  • Enter the First Party Sensor URL (APP_ID/init.js) in your browser. If you receive the Sensor’s JS code, the First Party is configured successfully.