Installation and Configuration

The Netacea Fastly integration detects bot activity and performs mitigating actions in line with the client blocking strategy.

Prerequisites

To successfully integrate using Netacea, please ensure you have:

  1. A Fastly version or 1.2.131+ or higher.

  2. Access to the relevant API keys and log shipping endpoints in the Netacea portal.

  3. Monitoring has been configured.

Customers will also need to open a support ticket with Fastly to enable POST within their environment. We need to ensure that there are 2 pragmas enabled on your Fastly account that are not enabled by default.

Required Pragmas:

Pragma optional_param fix_unsent_body_drain true;
Pragma optional_param no_body_if_bereq_is_get_or_head true;

To enable the Pragmas raise a support ticket with Fastly Support.

Implementation Steps

  • Log in to the Fastly web interface.

  • From the Home page, select the appropriate service. You can use the search box to search by ID, name, or domain.

  • Click the Edit configuration button and then select the option to clone the active version. The Domains page appears.

All configuration changes below will be made to the newly cloned version.

Make a note of the currently active version should you need to roll back in the future.

Host

To allow the Netacea VCL to make calls to the Protector API 2 new hosts must be configured with Netacea's details, to be called in the VCL snippets.

  • Click the Origins link. The Origins page appears.

  • Click the "Create a Host" button. The Host field appears.

Populate a new host with the following URL and click "Add":

mitigations-lbr.netacea.net

Edit the new host by clicking the pencil icon and change the name to:

MitSvc

Repeat the process, populate the new host with the following URL and click "Add" :

assets.ntcacdn.net

Edit the new host by clicking the pencil icon and change the name to:

CaptchaAssets

VCL Snippets

For Netacea to trigger and offer protection, the solution needs to be added to the Fastly environment in the form of a custom VCL.

The Netacea VCL is divided into 5 key snippets, INIT, DELIVER, RECV, ERROR and RECV_CONFIGURE. Each needs to be added to the VCL Snippets configuration within Fastly.

Netacea will provide the VCL separately.

INIT:

  • Navigate to VCL snippets within Fastly.

  • Click the "Create snippet" button.

  • Give the snippet a suitable name, such as Netacea_INIT

  • Set the type to "init"

  • Paste the INIT code into the VCL

  • On line 4 - 24 you will find a set fields unique to each deployment to define, set integration_type to the suitable mode.

Required Fields

Optional Fields - Can be set to blank unless discussed with the Netacea team

Under advanced options, set the priority to 45.

RECV:

  • Click the "Create snippet" button

  • Give the snippet a suitable name, such as Netacea_RECV

  • Set the type to "within subroutine" & "recv (vcl_recv)"

  • Paste the RECV code into the VCL

  • Set the priority to 45

DELIVER

  • Click the "Create snippet" button

  • Give the snippet a suitable name, such as Netacea_DELIVER

  • Set the type to "within subroutine" & "deliver (vcl_deliver)"

  • Paste the DELIVER code into the VCL

  • Set the priority to 45

ERROR:

  • Click the "Create snippet" button

  • Give the snippet a suitable name, such as Netacea_ERROR

  • Set the type to "within subroutine" & "error (vcl_error)"

  • Paste the ERROR code into the VCL

  • Set the priority to 45

RECV_CONFIGURE:

  • Click the "Create snippet" button

  • Give the snippet a suitable name, such as Netacea_RECV_CONFIGURE

  • Set the type to "within subroutine" & "recv (vcl_recv)"

  • Paste the RECV_CONFIGURE code into the VCL

  • Set the priority to 46

Dictionary

  • Navigate to Data -> Dictionaries within Fastly.

  • Click the "Create dictionary" button.

  • Give the snippet the name "netacea_edge_config"

  • Click Add

The dicitionary should be left blank unless instructed by the Netacea Team

Finishing Up

Check you have completed the following steps:

You are now ready to deploy the version you have been editing by clicking "Activate"

The Netacea plug-in will now be deployed on the service it was configured against. You can test the deployment is active by:

  • Checking for the presence of the Netacea named cookie on the website

  • Viewing your reporting dashboard for traffic and mitigation

  • Requesting Netacea review internal metrics

PreviousMonitoring ConfigurationNextAdvanced Configuration

Last updated

Copyright Netacea 2023