Getting Started
This is a crisp and precise integration guide that will facilitate the integration of ShieldSquare - Real-time Bot Management Solution for Web Apps, Mobile & APIs at the application level using our Ruby on Rails SDK. Please login and download the connectors from here
| Info | ||
|---|---|---|
| ||
Ruby version >=2.0andRails>=3 |
Integrating ShieldSquare in Monitor Mode
ShieldSquare integration in the monitor mode is divided into 3 simple steps
- Integrate the Code
- Verify Integration
- Move changes to production
Integrate the Code
...
2. Set the configuration file:
Change 1
Open thess2_config.rbfile and replace theconfig.sidparameter with your Sandbox ID. Refer the below snapshot
| Code Block | ||
|---|---|---|
| ||
config.sid = “Your Sandbox ID” config.mode = “Monitor” config.async_http_post = true config.timeout_value = 100 config._ipaddr = "auto" config.ss2_domain = 'ss_sa.shieldsquare.net' config.domain_ttl = 3600 config.domain_cache_file = '/tmp/' config.deployment_number = '1234' |
Change 2
Replace theconfig.ss2_domainin the ss2_config.rb file parameter with the ShieldSquare endpoint nearest to your server. Refer the below snapshot.
| Code Block | ||
|---|---|---|
| ||
config.sid = “Your Sandbox ID” config.mode = “Monitor” config.async_http_post = true config.timeout_value = 100 config._ipaddr = "auto" config.ss2_domain = 'ss_sa.shieldsquare.net' config.domain_ttl = 3600 config.domain_cache_file = '/tmp/' config.deployment_number = '1234' |
Example :If your server is located in the US, config.ss2_domain = 'ss_scus.shieldsquare.net';
| Info | ||
|---|---|---|
| ||
Add below line to above configuration file for backward compatibility. If you are a new customer, ignore this line. |
In order to understand the function and use of each of the parameters listed in thess2_config.rbfile, refer the below table.
| Parameter | Description | Type | Required |
|---|---|---|---|
| _sid | This holds the subscriber id of the user, and can be obtained by clicking on the Subscriber id details link on the dashboard. Choose Sandbox Id as you are integrating for the very first time
| Alphanumeric | Yes |
| _mode | Sets the mode of the operation depending on the mode of activation. Set value to ‘Monitor’ in this case. | String | Yes |
| _async_http_post | This Boolean parameter is used to post the data asynchronously. In the Monitor mode this has to be set as ‘true’. | Boolean | Yes |
| _timeout_value | This parameter indicates the time limit after which an API call has to be timed out. No synchronous API call would block for more than the value specified to this parameter. Important Note:To know optimum value to be set as timeout, run this jar file on your server and note the value. Refer to the guide for detailed steps to achieve the same.Download the ‘jar’ file.The jar may take about 15 minutes to run before it gives an output. | Numeric value (measured in milliseconds) | Yes |
| _ipaddress | This is set to the HTTP header which indicates the IP address of the user. The default value is “auto”. | String | Yes |
| _js_url | Set the _js_url to relative URL at which the “getData” file has been placed on the site. This file will collect the JavaScript data send it to the ShieldSquare site. You can find the getData file in the downloaded connector folder. Quick Tip:Relative path of “www.example.com/ShieldSquare/getData” is “/ShieldSquare/getData”. The simplest solution to work around this complexity is to place all the connector files in the root folder and set the _js_url parameter to “/getData”. Important Note:This parameter is only used for backward compatibility. Kindly ignore. | String | Yes |
| _ss2_domain | Select the ShieldSquare server closest to the website’s server and assign it to the _ss2_domain property. Available options are:
Quick Tip:To help you find out our nearest servers use thisJar file.For other locations, refer thisLink.For further assistance, please reach us atsupport@shieldsquare.com | String | Yes |
| _domain_cache_file | This parameter is the path to a cache file which stores the resolved IP of the _ss2_domain. The default path is "/tmp/" Important Note:To use this feature your application server [Apache/Nginx] should have write access to the folder specified above. | String | No |
| _domain_ttl | This parameter indicates the time after which _domain_cache_file is reloaded. The default time is 3600 seconds Important Note:To disable the caching feature, set the value as -1 | Numeric value (measured in seconds) | No |
| _deployment_number | Identifier denoting different families of configuration settings in your servers | String | Yes |
3. Integrate the API call to your code:
After making changes to the ss2_config.rb file parameters, the API code snippet needs to be added to the common header file of your website. The code snippet to be included is shown below:
| Code Block | ||
|---|---|---|
| ||
def call_shield_square
@shieldsquare_call_type ||= 1 // Update corresponding value as per CallType in the above table.
@shieldsquare_response = Ss2.shieldsquare_ValidateRequest("shield_square_user_name", @shieldsquare_call_type, "", request, cookies)
if @shieldsquare_response.responsecode == -1
logger.debug "Please reach out to ShieldSquare support team for assistance"
logger.debug "Allow the user request"
end
redirect_url = @shieldsquare_response.url
unless redirect_url.blank?
redirect_to(redirect_url) and return
end
end |
Once the code is inserted, the validate request function ( highlighted in the above code) takes the userid, call type, pid as inputs to process requests. Each of the parameters of the validate request function are defined below:
| Parameter | Description |
|---|---|
| UserId | Set the user-name/user-id of the logged-in visitors to shieldsquare_userid. |
| CallType | The value of shieldsquare_calltype determines the type of the call and can have the below values: 1 - Set the value as 1 for this parameter when the current request is of type Page Load. |
| PID | Uniquely identifies a request. |
Possible response codes are:
| 0 | This indicates that the request should be allowed.This is the default response for monitor mode. |
| -1 | Indicates that the ShieldSquare service is facing issues . The request should be allowed in case this response code is received. For eg. this response code will be returned in case a timeout occurs. |
| Info | ||
|---|---|---|
| ||
A response code of -1 is usually received when a server timeout occurs. |
3. Integrate the JS Tag to your code:
- Go to 'Download Connectors' page and switch to 'JS Tag' tab to find your customized JS.
- Integrate the JS in the starting of head section of web pages protected by ShieldSquare to ensure JS Tag executes immediately after the page loads. This will facilitate ShieldSquare to catch sophisticated bots.
| Info | ||
|---|---|---|
| ||
Both the aforementioned code snippets (API & JS) need to be executed from the every page of the website. It is therefore mandatory to include both the snippets in the common header file. |
Verify Integration
...