On integrating the code, the SDK will start making API calls to ShieldSquare solution and the response received is in the form of a response code. The response code directly indicates the action to be taken based on the incoming request. All API calls made to ShieldSquare, (in monitor mode) by default would be asynchronous in nature, based on the compatibility of the website platform. In case your website platform does not support asynchronous calls, please reach out to support for further assistance.
Please follow the below outlined steps to integrate the code in Monitor Mode:
- Set the configuration file
- Integrating the API call to the code
- Integrating the JS call to the code
1. Set the configuration file:
Open the ss2_config.py file and replace the sid parameter with your Sandbox ID. Refer the below snapshot
Replace the ss2_domain in the ss2_config.py file parameter with the ShieldSquare endpoint nearest to your server. Refer the below snapshot.
Example :If your server is located in the US, config.ss2_domain = 'ss_scus.shieldsquare.net';
In order to understand the function and use of each of the parameters listed in the ss2_config.rb file, refer the below table.
This holds the subscriber id of the user, and can be obtained by clicking on the Subscriber id details link on the dashboard. Choose Sandbox Id as you are integrating for the very first time
Important Note: Sandbox ID is meant for only testing and verification purposes and requests sent using this ID will not be persisted by ShieldSquare Service.
|mode||Sets the mode of the operation depending on the mode of activation. Set value to ‘Monitor’ in this case.||String||Yes|
|timeout_value||This parameter indicates the time limit after which an API call has to be timed out. No synchronous API call would block for more than the value specified to this parameter.|
Important Note:To know the optimum value to be set as timeout, run this jar file on your server and note the value. Refer to the guide for detailed steps to achieve the same. Download the ‘jar’ file. The jar may take about 15 minutes to run before it gives an output.
|Numeric value (measured in milliseconds)||Yes|
|ipaddress||This is set to the HTTP header which indicates the IP address of the user. The default value is “auto”.||String||Yes|
|ss2_domain||Select the ShieldSquare server closest to the website’s server and assign it to the _ss2_domain property. Available options are:|
Quick Tip:To help you find out our nearest servers use this Jar file.For other locations, refer this Link. For further assistance, please reach us at email@example.com
|domain_ttl||This parameter indicates the time after which _domain_cache_file is reloaded. The default time is 3600 seconds |
Important Note: To disable the caching feature, set the value as -1
|Numeric value (measured in seconds)||No|
Set this parameter as True if you want to enable logging.
Note: By default this parameter is set as False. This parameter is only used for debugging, hence it is advisable to keep it as False.
|ip_index||Set the position of valid IP in this parameter.|
- If ip_index contains positive value(starting from 1), IPs will be checked from left to right until valid IP is found.
- If ip_index contains negative value(starting from -1), IPs will be checked from right to left until valid IP is found.
|other_headers||Set this parameter as True if you want to send other headers.|
Note: By default this parameter is set as False
|_deployment_number||Identifier denoting different families of configuration settings in your servers||String||Yes|
|content_filter||Set as True if static content filtering is required for extensions mentioned in the 'content_type_list' parameter.||Boolean||Yes|
|content_type_list||Append the static resource extensions that have to be filtered to avoid API calls to ShieldSquare server. Separate each resource extension with “,” operator. All the content types added to this list are not processed by ShieldSquare module.||String||Yes|
|ss_captcha_enabled||This parameter is used to enable ShieldSquare CAPTCHA service. In monitor mode, value of this parameter should be False.||Boolean||Yes|
|ss_block_enabled||This parameter is used to enable ShieldSquare block service. In monitor mode, value of this parameter should be False.||Boolean||Yes|
|support_email||Set your support e-mail ID to display in ShieldSquare CAPTCHA and block page. Default support mail is: firstname.lastname@example.org||String||Yes|
|skip_qp||This parameter indicates ShieldSquare's Block/CAPTCHA Page template is used. Default value is 'False'. If you use your own CAPTCHA/Block page, ShieldSquare suggests to set this parameter value to 'True'.||Boolean||Yes|
|redirect_domain||If you want to use your own domain for CAPTCHA/Block page, change the configured default domain as below. |
redirect_domain = '< Your CAPTCHA/Block domain >'
2. Integrate the API call to your code:
Add ShieldSquare middleware in your application middleware's list
Once the code is inserted, the validate request function ( highlighted in the above code) takes the userid, call type, pid as inputs to process requests. Each of the parameters of the validate request function are defined below:
|UserId||Set the user-name/user-id of the logged-in visitors to shieldsquare_userid.|
The value of shieldsquare_calltype determines the type of the call and can have the below values:
1 - Set the value as 1 for this parameter when the current request is of type Page Load.
2 - Set the value as 2 for this parameter when the current request is a form submit request.
6 - Set the value as 6 for this parameter when the current request is from mobile APP.
7 - Set the value as 7 for this parameter when the current request is from feature phone.
Uniquely identifies a request.
API call returns response in json format. The response code can be found as the value of “responsecode” field returned and is of the type integer.
Possible response codes are:
|0||This indicates that the request should be allowed.This is the default response for monitor mode.|
|-1||Indicates that the ShieldSquare service is facing issues . The request should be allowed in case this response code is received. For eg. this response code will be returned in case a timeout occurs.|
3. Integrate the JS Tag to your code:
- Go to 'Download Connectors' page and switch to 'JS Tag' tab to find your customized JS.
- Integrate the JS in the starting of head section of web pages protected by ShieldSquare to ensure JS Tag executes immediately after the page loads. This will facilitate ShieldSquare to catch sophisticated bots.