This guide addresses common issues that can cause your application to behave unexpectedly and are often related to your Enforcer’s configuration. It’s important to resolve these issues quickly to maintain your application’s security and performance. Use this document to troubleshoot and restore your Enforcer to its proper function.
You can use the following recommended steps to fix common Enforcer issues. If these don’t work or if you have further questions, reach out to HUMAN’s support team.
The Enforcer’s module enabled configuration acts as the Enforcer’s on or off switch. If this configuration is set to false, then the Enforcer is disabled and won’t monitor or block traffic regardless of any other configurations that you’ve set.
When the module enabled configuration is set to false, then the Enforcer’s configurations will no longer update in the console. This means that you must verify this configuration directly from the Enforcer’s code.
To verify from the Enforcer:
px_module_enabled configuration is set to true. The formatting may vary slightly depending on your Enforcer. The example below is from Cloudflare. Be sure to reference your Enforcer’s appropriate documentation for proper implementation.You can exclude certain routes from HUMAN detection, which means the Enforcer will never monitor or enforce any activity on these routes. You should check that the route you’d expect the Enforcer to mitigate on isn’t included in your exclusions.
We recommend that you verify directly from the HUMAN console. This lets you configure and update the Enforcer quickly without having to redeploy it. To check routes from the console:
If you’d prefer to verify from the Enforcer:
px_filter_by_route configuration has the correct routes specified. The formatting may vary slightly depending on your Enforcer. The example below is from Cloudflare. Be sure to reference your Enforcer’s appropriate documentation for proper implementation.The Enforcer’s module mode configuration determines whether the Enforcer actively blocks malicious traffic or if it simply monitors traffic without taking actions. You should check that the Enforcer’s mode is set to active blocking.
We recommend that you verify directly from the HUMAN console. This lets you configure and update the Enforcer quickly without having to redeploy it. To check that it’s active from the console:
If you’d prefer to verify from the Enforcer:
px_module_mode configuration is set to active_blocking. The formatting may vary slightly depending on your Enforcer. The example below is from Cloudflare. Be sure to reference your Enforcer’s appropriate documentation for proper implementation.You can set certain routes to operate in Simulated Block mode, which is where the Enforcer detected malicious traffic on that route, but did not actively block it. This behavior occurs for any route that’s specified for this configuration, even if the Enforcer is set to active blocking. You should check that the route you’d expect the Enforcer to mitigate on isn’t included in these routes.
We recommend that you verify directly from the HUMAN console. This lets you configure and update the Enforcer quickly without having to redeploy it. To check routes from the console:
If you’d prefer to verify from the Enforcer:
px_monitored_routes configuration has the correct routes specified. The formatting may vary slightly depending on your Enforcer. The example below is from Cloudflare. Be sure to reference your Enforcer’s appropriate documentation for proper implementation.If you tried all the other troubleshooting options and your Enforcer still does not behave as expected, reach out to HUMAN’s support team.