Introduction

This documentation details the steps to integrate ShieldSquare anti-bot solution at your HAProxy load balancer.

Prerequisites

  1. Ensure that you have created an account in the ShieldSquare admin portal before getting started
  2. LUA version 5.3.x
  3. HAProxy (version 1.8.0 to 1.8.8) compiled with LUA and OpenSSL

Integration Instructions


1.Download the connector kit provided by ShieldSquare Support
2.Place "shieldquare.lua" and "shieldsquare-spoe.cfg" in a dir. (Please do not change the order of args in shieldsquare-spoe.cfg)
3.Edit "shieldsquare.lua" file to configure SID and mode as below:

– Subscriber ID assigned after registration. 
 local _sid = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" 

– _mode (set 'false' for Monitor mode and 'true'for Active mode) 
 local _mode = false;


4.Edit HAProxy config file to do the following:

In global section 
 
 lua-load <path to>/shieldsquare.lua 
 
 In frontend section 

 filter spoe engine shieldsquare config <path to>/shieldsquare-spoe.cfg 
 http-response lua.shieldsquare_response 
 http-response set-header ShieldSquare-Response %[var(txn.ss.response)]

Add a new backend as below:
 backend ss-backend 
 mode tcp 
 timeout server 1m 
 server ss-cfm ss_scus.shieldsquare.net:12345 check maxconn 10


'ss_scus.shieldsquare.net' is the ShieldSquare endpoint to receive data. You can check with ShieldSquare Support for the optimal endpoint location based on your environment.


5.Restart HAproxy service and verify ShieldSquare Integration in the ShieldSquare admin portal's 'Verify Integration' page. 


Now ShieldSquare integration is successful in Monitor mode. To learn more about Monitor and Active mode, click here. Upon successful integration verification, ShieldSquare Support will help you with instructions to switch to Active mode. 


Write to support@shieldsquare.com for any clarifications.