Enabling and Editing the JavaScript Challenge for an Edge Policy
Describes how to enable and edit the JavaScript challenge for an edge policy.
- Open the navigation menu and select Identity & Security. Under Web Application Firewall, select Edge Policy Resources.
  The Policies list opens. All edge policies are listed in a table.
- Select the Compartment from the list.
  All the edge policies in that compartment are listed in a table.
- (Optional) Apply one or more of the following Filters to limit the edge policies displayed:
  - State
  - Name
  - Policy Type: Select Edge Policy.
- Select the name of the edge policy for which you want to edit and enable the JavaScript challenge.
  The edge policy's details page opens.
- Select Bot Management under WAF Policy.
  The Bot Management list opens.
- Select the JavaScript Challenge tab.
  The tab indicates whether the JavaScript challenge is enabled or not.
- Select Edit JavaScript Challenge.
  The Edit JavaScript Challenge panel opens.
- Check the Enable JavaScript Challenge box.
- Enter the following information:
  - JavaScript Challenge Action section: Choose one of the following options:
    - Detect Only: Select this option if you want to be alerted for every matched request.
      Enter the following information:
      - Enable Conditions: Check to enable conditions. The JavaScript Challenge is applied only for the requests that match all the listed conditions.
        Select the condition and corresponding action from the lists. Select + Another Condition to display another condition row where you can enter a condition and action pair. Select X to delete the associated condition row.
        See Access Control for Edge Policies for more information about conditions and rules.
      - Set header for failed request: Check to add an HTTP header to requests that fail the challenge.
        Under Additional Header, enter the Header name (the name displayed in the HTTP request header) and the Header value (the data requested by the header) in the corresponding boxes.
    - Block: Select this option to block requests by returning a response code, error page, or CAPTCHA.
      Complete the following:
      - Enable Conditions: Check to enable conditions. The JavaScript Challenge is applied only for the requests that match all the listed conditions. Select the condition and corresponding action from the lists. Select + Another Condition to display another condition row where you can enter a condition and action pair. Select X to delete the associated condition row.
        See Access Control for Edge Policies for more information about conditions and rules.
      - Block Action: Select one of the following actions that are taken when a matching request is blocked.
        - Set Response Code:
          Enter the following information:
          - Block response code: Select a status code to return in response to blocked requests.
        - Show Error Page:
          Enter the following information:
          - Block response code: Select a status code to return in response to blocked requests.
          - Block error page message: Enter the message that defines the error or error code.
          - Block error page description: Enter more details about the error, including the cause and further instructions.
          - Block Error Page Code: Enter the error code that is displayed with the error.
        - Show CAPTCHA:
          Enter the following information:
          - CAPTCHA Title: Enter the text for the CAPTCHA page title.
          - CAPTCHA Header: Enter the text that appears before the CAPTCHA image (for example, "I am not a robot").
          - CAPTCHA Footer Text: Enter the text that will be shown after the CAPTCHA input box and before the submit button.
          - CAPTCHA submit button: Enter the text for the Submit button (for example, "Yes, I am human.").
          - Preview CAPTCHA: Select to view the CAPTCHA as users would see it. Select Edit CAPTCHA to return.
  - Action threshold (number of requests): Specify the number of failed requests before the action occurs. Because of the asynchronous requests from the browser during page loading, it is recommended to set a threshold of 10 for web applications with basic Ajax usage, and 100 for apps with heavy Ajax usage.
  - Action expire time (seconds): Enter the number of seconds between challenges to the same IP address. Because of client IP address changes, it is recommended that the expiry time is set to 120 seconds for apps with mobile users and 3,600 seconds for apps with desktop users only.
  - Follow Redirects box: (Optional) Check to enable. When enabled, redirect responses from the origin are also challenged.
  - Enable NAT Support box: (Optional) Check to enable. When enabled, the user is identified by the IP address and also by a unique hash. This checking prevents blocking visitors with shared IP addresses. Oracle recommends that you disable this NAT support for high-load apps (200+ RPS).
- Select Save Changes.
  Publish your changes for them to take effect. See Publishing Changes.
Use the oci waas js-challenge update command and required parameters to enable and edit the JavaScript challenge for an edge policy:
oci waas js-challenge update --is-enabled true --waas-policy-id waas_policy_ocid [OPTIONS]
For a complete list of flags and variable options for CLI commands, see the Command Line Reference.
Use the UpdateJsChallenge operation to enable and edit the JavaScript challenge.
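As an added example (not Oracle's code), this Python check audits a JavaScript challenge configuration against the threshold, expiry time, NAT and block-action guidance described above. The camelCase field names and enum values are assumed to follow the JsChallenge API model, the function and its parameters are hypothetical, and SAMPLE is constructed.

```python
# Added example: audit JavaScript challenge settings against this page's guidance.
# Assumed: field names and enum values follow the JsChallenge API model, with
# failureThreshold = action threshold, actionExpirationInSeconds = expire time.

REQUIRED_BLOCK_FIELDS = {
    "SET_RESPONSE_CODE": ["blockResponseCode"],
    "SHOW_ERROR_PAGE": ["blockResponseCode", "blockErrorPageMessage",
                        "blockErrorPageDescription", "blockErrorPageCode"],
    "SHOW_CAPTCHA": ["captchaTitle", "captchaHeader", "captchaFooter",
                     "captchaSubmitLabel"],
}

def audit_js_challenge(cfg, heavy_ajax=False, mobile_users=False, peak_rps=0):
    """Return deviations from the page's guidance; an empty list means none."""
    if not cfg.get("isEnabled"):
        return ["challenge is disabled"]
    findings = []
    want = 100 if heavy_ajax else 10  # recommended action threshold
    if cfg.get("failureThreshold") != want:
        findings.append(f"failureThreshold: recommended value is {want}")
    want = 120 if mobile_users else 3600  # recommended expire time, seconds
    if cfg.get("actionExpirationInSeconds") != want:
        findings.append(f"actionExpirationInSeconds: recommended value is {want}")
    if cfg.get("isNatEnabled") and peak_rps >= 200:
        findings.append("isNatEnabled: disable NAT support at 200+ RPS")
    header = cfg.get("setHttpHeader")
    if header is not None and not (header.get("name") and header.get("value")):
        findings.append("setHttpHeader: both name and value are required")
    action = cfg.get("action")
    if action == "BLOCK":
        settings = cfg.get("challengeSettings") or {}
        block_action = settings.get("blockAction")
        required = REQUIRED_BLOCK_FIELDS.get(block_action)
        if required is None:
            findings.append(f"blockAction: unknown value {block_action!r}")
        else:
            missing = [name for name in required if not settings.get(name)]
            if missing:
                findings.append(f"{block_action}: missing {', '.join(missing)}")
    elif action != "DETECT":
        findings.append(f"action: unknown value {action!r}")
    return findings

SAMPLE = {  # constructed: blocking policy for a mobile-facing, high-load app
    "isEnabled": True, "action": "BLOCK", "failureThreshold": 10,
    "actionExpirationInSeconds": 3600, "isNatEnabled": True,
    "challengeSettings": {"blockAction": "SHOW_ERROR_PAGE", "blockResponseCode": 403,
                          "blockErrorPageMessage": "Access denied"},
}
print("\n".join(audit_js_challenge(SAMPLE, mobile_users=True, peak_rps=350)))
```

Pass the application profile (heavy Ajax, mobile users, peak requests per second) that matches the protected site, since the recommended values depend on it.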