For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
HUMAN DashboardHUMAN WebsiteRequest a Demo
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
Product GuidesEnforcer GuidesMobile SDKAPI ReferenceCustomer support
  • General
    • About Enforcers
    • Support first-party HUMAN calls
    • Troubleshoot Enforcer configurations
  • Enforcer frameworks
    • Akamai ESI
    • Apache - C Module
    • ASP.NET
    • Callout Enforcer
    • Envoy Proxy
    • F5 BIGIP
    • Fastly JavaScript Compute@Edge
    • Google Cloud Platform (GCP) Callout Enforcer
    • Kong Plugin
    • NGINX - C Module
    • NGINX - LUA Module
    • PHP
    • Python
    • Ruby
    • Salesforce Commerce Cloud Cartridge
LogoLogo
Login
Login
HUMAN DashboardHUMAN WebsiteRequest a Demo
General

Support first-party HUMAN calls on a CDN

Was this page helpful?
Previous

Troubleshoot your Enforcer configuration

Next
Built with

In some cases, you may handle first-party requests outside of the HUMAN Enforcer. If so, you need to configure three separate reverse proxy routes or rules.

While this document focuses on generic CDN configurations, you can apply these same rules within a load balancer, reverse proxy, web server, or anything that sits in front of the HUMAN Enforcer. Keep in mind that:

  • If required, the proper corresponding cert pinning should be set up on the CDN.
  • You can define specific rules to tell the CDN to expire cached content on their servers, or your origin server can add headers to the content that contains expire information and the CDN can be configured to honor that instead. The cache TTL should be set to 10 minutes or to honor the origin cache header as received from the origin.
  • If caching at the CDN (recommended), the cache key should be set to the incoming host name instead of origin to avoid the HUMAN domain name in the cache key.
1

Sensor Call: Deliver the HUMAN Sensor

Requests to the HUMAN Sensor are sent to different places depending on the Sensor’s mode. To support this request, create a rule that handles incoming requests to the first-party location and that makes an origin call to the third-party location shown below.

https://www.customerdomain/{{app_id_no_px}}/init.js
2

Handle the first-party captcha.js call

This request facilitate HUMAN CAPTCHAs. To support this request, create a rule that handles incoming requests to the first-party location and that makes an origin call to the third-party location shown below.

https://www.customerdomain/{{app_id_no_px}}/captcha/*
3

Handle XHR calls at the CDN

If required, the proper corresponding cert pinning should be set up on the CDN. These calls should not be cached

This request facilitates your feedback to HUMAN. To support this request, create a rule that handles incoming requests to the first-party location and that makes an origin call to the third-party location shown below.

https://www.customerdomain.com/{{app_id_no_px}}/xhr/{{path}}

For example, for a request on the path https://www.customerdomain.com/1234567/xhr/api/v1/collector, the requested rule on CDN should route it to https://collector-px1234567.px-cloud.net/api/v1/collector.