Getting Started with Shield

This page will help you get started with Shield. You'll be up and running in a jiffy!
Prerequisites
  1. To use MCP Shield, you will need :
    1. Hosted Landing Page
    2. Access to Shield Dashboard
Integration Recommendations
  1. Integration methodology includes,
    1. Server Side Integration
Server Side Integration available modules
  1. You can set up one of our server side module by using code snipped provided.
    1. PHP
    2. NODE JS
    3. JAVA
    4. C#

You can either use code for .NET Core or use directly our dll to integrate. For more details please follow Rest Client Core Dll

How to use shield ?
  1. You can setup one of our server side module by using code snipped provided.
    1. Service Registration
    2. Code Snippet Integration in Service Page (Integrate Shield).
    3. Block API Call
Getting Started with Shield

This page will help you get started with Shield. You'll be up and running in a jiffy! 

https://shield.monitoringservice.co/dashboard
https://shield.monitoringservice.co/services/add

Service Registration

This page will help you to register service with Shield.
Register a service

To register your service with Shield you first need to go to Manage Services Navigation Menu and Proceed with clicking New Service

After successfully adding a new service you will be redirected to newly added service detail page, Service details will be displayed along with snippet information.

Service Registration
https://shield.monitoringservice.co/services/add
https://shield.monitoringservice.co/services/list

Shield Integration Process

The code snippet tracks user interaction with your website and collects device information.
  1. Server Side Snippet Integration
    1. Plain Shield Code Insertion On Page
    2. With Additional Parameters

Regional Endpoints

Shield technology is deployed in several regions to provide the best latency between your servers and our regional endpoints.

In each region, the architecture is set up to provide high availability through autoscaling technology. As Shield relies on real time detection technology, our server availability needs to match our clients' capacity needs and variations.

Available Regional Endpoint

    Shield provides two types of endpoints:
  1. Dynamic: to use in priority if you don't have any outcoming filter on the 80/443 port
  2. Fixed-Ip: to use if you need to open a firewall on fixed IP.

Latency benchmark

We provide a script to test latency between your webservers and each shield region. This bash script will run a few curl commands and print performance results.

Regional Endpoint
Dynamic endpoints
Southern Africa https://sa.apiserver.shield.monitoringservice.co
Singapore https://sg.apiserver.shield.monitoringservice.co
United Kingdom https://uk.apiserver.shield.monitoringservice.co
United Arab Emirates https://dc-ae-01.apiserver.mena.mcpshield.com

Latency Test


wget https://docs.shield.monitoringservice.co/shield-latency
sh shield-latency

Snippet Server Side Integration Process

Image

Server Side Integration

This page will help you to integrate sheild Shield on server side
Compatibility

PHP >=5

.NET Framework >=4

Snippet Server Side Integration Process

define('ServiceKey', 'SERVICE_ID');
//In case of Missing URL Parameter @uniqid Replace @{UNIQUE_TRANSACTION_ID} With Actual Transaction ID
define('TransactionID', (isset($_GET['uniqid']) ? $_GET['uniqid'] : time()));
define('APIURL', 'https://sg.apiserver.shield.monitoringservice.co/'.ServiceKey.'/'.TransactionID.'/JS');
define('ApiSnippetUrl', 'https://uk.api.shield.monitoringservice.co/');
$secreteHeaderParams = array(
'Upgrade-Insecure-Requests'
);
$head = apache_request_headers();
if(is_array($head) !== false){
    foreach ($secreteHeaderParams as $shp) {
        if(array_key_exists($shp, $head)){
            unset($head[$shp]);
        }
    }
        $h = urlencode(json_encode($head));
    }else{
        $h = "";
    }
    $ctx = stream_context_create(array('http' => array('user_agent' => $_SERVER['HTTP_USER_AGENT'], 'timeout' => 5)));
    $params = http_build_query(array(
    'lpu' => urlencode((isset($_SERVER['REQUEST_SCHEME']) ? $_SERVER['REQUEST_SCHEME'] : 'http')."://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']),
    'timestamp' => str_replace('.', '', isset($_SERVER['REQUEST_TIME_FLOAT']) ? $_SERVER['REQUEST_TIME_FLOAT'] : microtime(true)),
    'user_ip' => $_SERVER['REMOTE_ADDR'],
    'head' => $h
    ));
    $response = json_decode(file_get_contents(APIURL."?".$params, null, $ctx));
    if(!empty($response)){
    $source = $response->source;
    $uniqid = $response->uniqid; // Unique Key To Use For Block API Call
}else{
    $uniqid = md5($params['user_ip'].'-'.TransactionID.'-'.microtime(true)); // Unique Key To Use For Block API Call
    $source = "(function(s, o, u, r, k){
    b = s.URL;
    v = (b.substr(b.indexOf(r)).replace(r + '=', '')).toString();
    r = (v.indexOf('&') !== -1) ? v.split('&')[0] : v;
    a = s.createElement(o),
    m = s.getElementsByTagName(o)[0];
    a.async = 1;
    a.setAttribute('crossorigin', 'anonymous');
    a.src = u+'script.js?ak='+k+'&lpi='+r+'&lpu='+encodeURIComponent(b)+'&key=$uniqid&_headers=".base64_encode($h)."'';
    m.parentNode.insertBefore(a, m);
})(document, 'script', '".ApiSnippetUrl."', 'uniqid', '".ServiceKey."');";
}
    
    

                                 
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>
<%@ page import="jdk.internal.org.objectweb.asm.tree.TryCatchBlockNode"%>
<%@ page import="java.security.MessageDigest"%>
<%@ page import="java.util.*"%>
<%@ page import="java.net.*"%>
<%@ page import="org.json.*"%>
<%@ page
	import="java.io.*,java.io.DataOutputStream,java.io.BufferedReader"%>
<%@ page
	import="java.io.*,java.util.*,java.net.HttpURLConnection,java.net.URL"%>

<%
    String ServiceKey = "{ServiceKey Get After Service Registration}";
    String TranscationVariableName = "{Unique URL Identifier}";

    String TransactionID;
	String source;
	String uniqid;

    if (request.getParameter(TranscationVariableName) == null) {
        long tmp = new java.util.Date().getTime();
        TransactionID = Long.toString(tmp);
    } else {
        TransactionID = request.getParameter(TranscationVariableName);
    }

    String APIURL = "http://sg.apiserver.shield.monitoringservice.co/"+ServiceKey+"/"+TransactionID+"/JS";
    String ApiSnippetUrl = "https://uk.api.shield.monitoringservice.co/";

    Enumeration headers = request.getHeaderNames();
    JSONObject headersObj = new JSONObject();

    while (headers.hasMoreElements()) {
        String name = (String) headers.nextElement();
        String value = (String) request.getHeader(name);
        headersObj.put(name, value);
    }

    String headersString = headersObj.toString();
    String url = request.getRequestURL().toString();
    String queries = request.getQueryString();

    if(queries != null) {
      url = url + "?" + queries;
    }

    StringBuilder urlBuilder = new StringBuilder();
    urlBuilder.append("?lpu=" + URLEncoder.encode(url, "UTF-8") + "&timeStamp=" + System.nanoTime() + "&user_ip=" + request.getRemoteAddr() + "&head=" + URLEncoder.encode(headersObj.toString(), "UTF-8"));
	URL obj = new URL(APIURL + urlBuilder.toString());
    HttpURLConnection con = (HttpURLConnection) obj.openConnection();
    con.setRequestMethod("GET");

    //add request header
    con.setRequestProperty("User-Agent", request.getHeader("User-Agent"));
    int responseCode = con.getResponseCode();
    System.out.println("MCP Shield Response Code: " + responseCode);
    String result = "";
    if (responseCode == 200){
        BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
        String _response = "";
        while ((_response = in.readLine()) != null) {
            result += _response.toString();
        }
        in.close();

        JSONObject json = null;
        json = new JSONObject(result);
      	uniqid = json.getString("uniqid");
      	source = json.getString("source");
      	String loadTime = con.getHeaderField("X-Loaded");
    } else if (responseCode == 403) {
    	System.out.println("MCP Shield, Blocked, You are not allowed to load Shield Kit");
    	source = "console.log('MCP Shield, Blocked');";
    	uniqid = "";
    } else {
        String uniqueId = TransactionID + "-" + request.getRemoteAddr() + "-" + System.nanoTime();
        String plainText = uniqueId;
        MessageDigest mdAlgorithm = MessageDigest.getInstance("MD5");
        mdAlgorithm.update(plainText.getBytes());
        byte[] digest = mdAlgorithm.digest();
        StringBuffer hexString = new StringBuffer();
        for (int i = 0; i < digest.length; i++) {
            plainText = Integer.toHexString(0xFF & digest[i]);
            if (plainText.length() < 2) {
                plainText = "0" + plainText;
            }
            hexString.append(plainText);
        }
        uniqid = hexString.toString();
        source = "(function(s, o, u, r, n, k){";
        source += "a = s.createElement(o);";
        source += "m = s.getElementsByTagName(o)[0];";
        source += "a.async = 1;";
        source += "a.setAttribute(\"crossorigin\", \"anonymous\");";
        source += "a.src = u+'script.js?ak='+k+'&lpi='+r+'&lpu='+n+'&key="+uniqid+"';";
        source += "m.parentNode.insertBefore(a, m);";
        source += "})(document, 'script', '" + ApiSnippetUrl + "', '" + TransactionID + "', '" + URLEncoder.encode(url, "UTF-8") + "', '" + ServiceKey + "');";
    }
    out.flush();

    //Variable uniqid will be used to call Block API with param named uniqid at the endpoint /appblock
%>

Download Sample Code 
                                 
string ServiceKey = "{Your Service ID}"; //Service Key
    string TransactionID;
    string ApiSnippetUrl = "https://uk.api.shield.monitoringservice.co/";
    string uniqid;
    var source = "";
    Int32 unixTimestamp = (Int32)(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds;
    HttpRequest request = HttpContext.Current.Request;
    var collection = new Dictionary();
    if (request.QueryString["gclid"] == null){
        TransactionID = unixTimestamp.ToString();
    }else{
        TransactionID = request.QueryString["gclid"].ToString();
    }
    string APIURL = "https://sg.apiserver.shield.monitoringservice.co/" + ServiceKey + "/" + TransactionID + "/JS";
    var headers = request.Headers.AllKeys;
    foreach (string h in headers){
        collection.Add(h, request.Headers.Get(h));
    }
    string JsonHeader = JsonConvert.SerializeObject(collection).ToString();
    RestClient restClient = new RestClient(APIURL); ;
    RestRequest restRequest = new RestRequest();
    restClient.UserAgent = request.Headers.Get("User-Agent");
    restRequest.AddParameter("lpu", request.Url.AbsoluteUri);
    restRequest.AddParameter("timestamp", unixTimestamp);
    restRequest.AddParameter("user_ip", request.UserHostAddress);
    restRequest.AddParameter("head", JsonHeader);
    var restResponse = restClient.Execute(restRequest);
    if (restResponse.StatusCode.ToString() == "OK"){
        var response = JsonConvert.DeserializeObject(restResponse.Content); //Response Object
        uniqid = response.uniqid;
        source = response.source;
    }else{
        string md5String = request.UserHostAddress + "-" + TransactionID + "-" + unixTimestamp;
        MD5 md5 = System.Security.Cryptography.MD5.Create();
        byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(md5String);
        byte[] hash = md5.ComputeHash(inputBytes);
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < hash.Length; i++){
            sb.Append(hash[i].ToString("x2"));
        }
        uniqid= sb.ToString();
        source = @"(function(s,o,u,r,k){b=s.URL;a =s.createElement(o),m=s.getElementsByTagName(o)[0];a.async=1;a.setAttribute('crossorigin','anonymous');a.src=u+'script.js?ak='+k+'&lpi='+r+'&lpu='+encodeURIComponent(b)+'&key="+ uniqid + @"';m.parentNode.insertBefore(a,m);})(document,'script','"+ ApiSnippetUrl + "','" + TransactionID + "','" + ServiceKey + "');";
    }

    //Variables
    //1) uniqid // Need TO Use While calling block API
    //2) source // Embed in head tag inside script tag
                        
                             
                                 
package main

import (
	"crypto/md5"
	"encoding/json"
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"strconv"
	"strings"
	"time"

	"github.com/gorilla/mux"
	"github.com/jmoiron/jsonq"
)

type ShieldRequestResponse struct {
	uniqueid string
	source   string
}

func homeLink(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Welcome to shield api server")
}

func redr(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintln(w, "SCHEME:", r.URL.Scheme, "HOST:", r.Host, "PATH", r.URL.Path)
}

func main() {
	router := mux.NewRouter().StrictSlash(true)
	router.HandleFunc("/", redr)
	router.HandleFunc("/integrate", shieldIntegration)
	log.Fatal(http.ListenAndServe(":80", router))
}

func shieldIntegration(w http.ResponseWriter, request *http.Request) {
	var serviceId = "xyz"
	var ApiSnippetUrl = "https://uk.api.shield.monitoringservice.co/"

	var transactionId string

	query := request.URL.Query()
	gclid := query.Get("tid")
	if gclid == "" {
		transactionId = strconv.FormatInt(time.Now().Unix(), 10)
	} else {
		transactionId = gclid
	}
	var apiUrl = "https://sg.apiserver.shield.monitoringservice.co/" + serviceId + "/" + transactionId + "/JS"
	//var headers = request.Header
	//var jsonHeader []map[string]string

	var mHeader = make(map[string]string)

	for name, headers := range request.Header {
		name = strings.ToLower(name)
		for _, h := range headers {
			mHeader[name] = h
		}

	}

	jsonHeader, err := json.Marshal(mHeader)
	if err != nil {
		fmt.Println(err.Error())
		return
	}

	jsonHeaderStr := string(jsonHeader)
	fmt.Println("The JSON data is:")
	fmt.Println(jsonHeaderStr)

	fmt.Println()

	shieldRequest, shieldRequesterr := http.NewRequest("GET", apiUrl, nil)

	shieldRequest.Header.Set("user-agent", request.UserAgent())

	q := shieldRequest.URL.Query()

	fmt.Println()
	fmt.Println()

	q.Add("lpu", request.Host+""+request.URL.RequestURI())

	fmt.Println(request.Host + "" + request.URL.RequestURI())

	fmt.Print(request.Host)

	fmt.Println()
	fmt.Println()

	q.Add("timestamp", strconv.FormatInt(time.Now().Unix(), 10))

	q.Add("user_ip", request.RemoteAddr)
	q.Add("head", jsonHeaderStr)

	shieldRequest.URL.RawQuery = q.Encode()

	fmt.Println(q)

	timeout := time.Duration(100 * time.Second)
	client := http.Client{
		Timeout: timeout,
	}
	if shieldRequesterr != nil {
		fmt.Println("request error")
	}

	shieldResponse, shieldResponseError := client.Do(shieldRequest)
	if shieldResponseError != nil {
		fmt.Println("response error")
	}

	if shieldResponse.StatusCode == 200 {
		defer shieldResponse.Body.Close()
		body, err := ioutil.ReadAll(shieldResponse.Body)
		if err != nil {
			fmt.Println("response error")
		}

		data := map[string]interface{}{}
		dec := json.NewDecoder(strings.NewReader(string(body)))
		dec.Decode(&data)
		jq := jsonq.NewQuery(data)
		var shieldrequestresponse ShieldRequestResponse

		uniqID, err := jq.String("uniqid")

		if err != nil {
			fmt.Println("unique id error")
		} else {
			shieldrequestresponse.uniqueid = uniqID
		}

		source, err := jq.String("source")

		if err != nil {
			fmt.Println("unique id error")
		} else {
			shieldrequestresponse.source = source
		}

		log.Fatalln(shieldrequestresponse)
	} else {
		md5String := []byte(request.RemoteAddr + "-" + transactionId + "-" + strconv.FormatInt(time.Now().Unix(), 10))
		var unqId = fmt.Sprintf("%x", md5.Sum(md5String))
		var source = `"(function(s,o,u,r,k){b=s.URL;a =s.createElement(o),m=s.getElementsByTagName(o)[0];a.async=1;a.setAttribute('crossorigin','anonymous');a.src=u+'script.js?ak='+k+'&lpi='+r+'&lpu='+encodeURIComponent(b)+'&key="` + unqId + `"';m.parentNode.insertBefore(a,m);})(document,'script','"` + ApiSnippetUrl + `"','"` + transactionId + `"','"` + serviceId + "');"
		fmt.Println("Status code is ", source)
		fmt.Println("Status code is ", unqId)
	}

}

Server Side Integration With Additional Params

Plain PHP Snippet With Additional Parameters passed an Array can be used after replacing variables name and setting their values in piece of code and pasting that code into your landing page without any other changes.

Server Side Integration With Additional Params
                        

    define('ServiceKey', 'SERVICE_ID');
	//In case of Missing URL Parameter @uniqid Replace @{UNIQUE_TRANSACTION_ID} With Actual Transaction ID
	define('TransactionID', (isset($_GET['uniqid']) ? $_GET['uniqid'] : time()));
	define('APIURL', 'https://sg.apiserver.shield.monitoringservice.co/'.ServiceKey.'/'.TransactionID.'/JS');
	define('ApiSnippetUrl', 'https://uk.api.shield.monitoringservice.co/');
    // Custom Variables Defination Starts
	define('Param1', 'Value');
	define('Param2', 'Value');
	define('Param3', 'Value');
	// Custom Variables Defination Ends
	$secreteHeaderParams = array(
		'Upgrade-Insecure-Requests'
	);
	$head = apache_request_headers();
	if(is_array($head) !== false){
		foreach ($secreteHeaderParams as $shp) {
			if(array_key_exists($shp, $head)){
				unset($head[$shp]);
			}
		}
		$h = urlencode(json_encode($head));
	}else{
		$h = "";
	}
	$ctx = stream_context_create(array('http' => array('user_agent' => $_SERVER['HTTP_USER_AGENT'], 'timeout' => 5)));
	$params = http_build_query(array(
		'lpu' => urlencode((isset($_SERVER['REQUEST_SCHEME']) ? $_SERVER['REQUEST_SCHEME'] : 'http')."://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']),
		'timestamp' => str_replace('.', '', isset($_SERVER['REQUEST_TIME_FLOAT']) ? $_SERVER['REQUEST_TIME_FLOAT'] : microtime(true)),
		'user_ip' => $_SERVER['REMOTE_ADDR'],
		'head' => $h,
		'custom' => [
		    'param-1' => Param1,
		    'param-2' => Param2,
		    'param-3' => Param3
		  ]
	));
	$response = json_decode(file_get_contents(APIURL."?".$params, null, $ctx));
	if(!empty($response)){
		$source = $response->source;
		$uniqid = $response->uniqid; // Unique Key To Use For Block API Call
	}else{
		$uniqid = md5($params['user_ip'].'-'.TransactionID.'-'.microtime(true)); // Unique Key To Use For Block API Call
		$source = "(function(s, o, u, r, k, c){
				b = s.URL;
				v = (b.substr(b.indexOf(r)).replace(r + '=', '')).toString();
				r = (v.indexOf('&') !== -1) ? v.split('&')[0] : v;
				a = s.createElement(o),
				m = s.getElementsByTagName(o)[0];
				a.async = 1;
				a.setAttribute('crossorigin', 'anonymous');
				a.src = u+'script.js?ak='+k+'&lpi='+r+'&lpu='+encodeURIComponent(b)+'&custom='+encodeURIComponent(JSON.stringify(c))+'&key=$uniqid&_headers=".base64_encode($h)."'';
				m.parentNode.insertBefore(a, m);
		})(document, 'script', '".ApiSnippetUrl."', 'uniqid', '".ServiceKey."', {'param-1': '".Param1."', 'param-2': '".Param2."', 'param-3': '".Param3."'});";
        }

                        
                    
                                 
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>
<%@ page import="jdk.internal.org.objectweb.asm.tree.TryCatchBlockNode"%>
<%@ page import="java.security.MessageDigest"%>
<%@ page import="java.util.*"%>
<%@ page import="java.net.*"%>
<%@ page import="org.json.*"%>
<%@ page
	import="java.io.*,java.io.DataOutputStream,java.io.BufferedReader"%>
<%@ page
	import="java.io.*,java.util.*,java.net.HttpURLConnection,java.net.URL"%>

<%
    String ServiceKey = "{ServiceKey Get After Service Registration}";
    String TranscationVariableName = "{Unique URL Identifier}";

    String TransactionID;
	String source;
	String uniqid;

    if (request.getParameter(TranscationVariableName) == null) {
        long tmp = new java.util.Date().getTime();
        TransactionID = Long.toString(tmp);
    } else {
        TransactionID = request.getParameter(TranscationVariableName);
    }

    String APIURL = "http://sg.apiserver.shield.monitoringservice.co/"+ServiceKey+"/"+TransactionID+"/JS";
    String ApiSnippetUrl = "https://uk.api.shield.monitoringservice.co/";

    Enumeration headers = request.getHeaderNames();
    JSONObject headersObj = new JSONObject();

    while (headers.hasMoreElements()) {
        String name = (String) headers.nextElement();
        String value = (String) request.getHeader(name);
        headersObj.put(name, value);
    }

    String headersString = headersObj.toString();
    String url = request.getRequestURL().toString();
    String queries = request.getQueryString();

    if(queries != null) {
      url = url + "?" + queries;
    }
    JSONObject additionalParams = new JSONObject();
        additionalParams.put("Custom Param 1", "Value 1");
        additionalParams.put("Custom Param 2", "Value 2");

    StringBuilder urlBuilder = new StringBuilder();
    urlBuilder.append("?lpu=" + URLEncoder.encode(url, "UTF-8") + "&timeStamp=" + System.nanoTime() + "&user_ip=" + request.getRemoteAddr() + "&head=" + URLEncoder.encode(headersObj.toString(), "UTF-8") + "&custom=" + URLEncoder.encode(additionalParams.toString(), "UTF-8"));
	URL obj = new URL(APIURL + urlBuilder.toString());
    HttpURLConnection con = (HttpURLConnection) obj.openConnection();
    con.setRequestMethod("GET");

    //add request header
    con.setRequestProperty("User-Agent", request.getHeader("User-Agent"));
    int responseCode = con.getResponseCode();
    System.out.println("MCP Shield Response Code: " + responseCode);
    String result = "";
    if (responseCode == 200){
        BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
        String _response = "";
        while ((_response = in.readLine()) != null) {
            result += _response.toString();
        }
        in.close();

        JSONObject json = null;
        json = new JSONObject(result);
      	uniqid = json.getString("uniqid");
      	source = json.getString("source");
      	String loadTime = con.getHeaderField("X-Loaded");
    } else if (responseCode == 403) {
    	System.out.println("MCP Shield, Blocked, You are not allowed to load Shield Kit");
    	source = "console.log('MCP Shield, Blocked');";
    	uniqid = "";
    } else {
        String uniqueId = TransactionID + "-" + request.getRemoteAddr() + "-" + System.nanoTime();
        String plainText = uniqueId;
        MessageDigest mdAlgorithm = MessageDigest.getInstance("MD5");
        mdAlgorithm.update(plainText.getBytes());
        byte[] digest = mdAlgorithm.digest();
        StringBuffer hexString = new StringBuffer();
        for (int i = 0; i < digest.length; i++) {
            plainText = Integer.toHexString(0xFF & digest[i]);
            if (plainText.length() < 2) {
                plainText = "0" + plainText;
            }
            hexString.append(plainText);
        }
        uniqid = hexString.toString();
        source = "(function(s, o, u, r, n, k){";
        source += "a = s.createElement(o);";
        source += "m = s.getElementsByTagName(o)[0];";
        source += "a.async = 1;";
        source += "a.setAttribute(\"crossorigin\", \"anonymous\");";
        source += "a.src = u+'script.js?ak='+k+'&lpi='+r+'&lpu='+n+'&key="+uniqid+"';";
        source += "m.parentNode.insertBefore(a, m);";
        source += "})(document, 'script', '" + ApiSnippetUrl + "', '" + TransactionID + "', '" + URLEncoder.encode(url, "UTF-8") + "', '" + ServiceKey + "');";
    }
    out.flush();

    //Variable uniqid will be used to call Block API with param named uniqid at the endpoint /appblock
%>

Shield Node JS Integration

Shield is now available in NODE JS module, can be integrated by simple steps via npm .

Installation

npm install https://docs.shield.monitoringservice.co/assets/files/nodejs/mcpshield.tar

Loading Module

const MCPShield = require('mcpshield');

MCPShield Client

const mcpShieldClient = new MCPShield('{SERVICE KEY}', '{UNIQUE URL IDENTIFIER}', options);

Callbacks

    1. successCallback
    1. Success Callback Returns Object
    2. deniedCallback
    1. Your Service IS Not Active In Shield
    3. errorCallback
    1. Error Occurred
    4. excludedCallback
    1. Endpoints are Excluded

Response

Upon Success Callback Embed source in SCRIPT TAG InSide HEAD Tag.

uniqid To Be Used For Block API later.

NODE JS Integration
 

    const MCPShield = require('mcpshield');
    const mcpShieldClient = new MCPShield('{SERVICE KEY}',
        '{UNIQUE URL IDENTIFIER}', options);

Supported Options are :
 

    

                            
                                
                                
                            
                            
                                

                                     ssl 
                                     true || false  
                                

                                

                                    active_dc 
                                    uk | sg  
                                

                                

                                    timeout  
                                    in ms  
                                

                                

                                    exculsionList  
                                    [Extensions Array To Ignore MCP Shield Load On eg. 'css', 'js']
successCallback
Uniqid string
Source string
timestamp Long

Rest Client Core Dll

Shield IIS module detects and protects against bot activity.

Before the regular IIS process, the module makes a call to the Shield using a keepalive connection. Depending on the API response, the module will either block the query or let IIS continue the regular process. The module has been developed to protect user experience as if any error was to occur during the process or if the timeout was reached, the module would automatically disable its blocking process and allow those hits.

Compatibility

This module is compatible with .Net Core 2.2 and can be executed using any web server with support of ASP.NET HTTP Modules (e.g. IIS 6+, IIS Express, XSP).

Installation

Extract files and copy dll file to the /bin folder of your website.
To Download Click here

Registering

First add Shield.dll reference in your project, then add your Service Key in appsetting.json

If the Web site does not already have a appsetting.json file, create one under the root of the site. Then add the code to the appsetting.json or update your existing appsetting.json and add section above with service registration.

Make Request

After adding shield.dll and ServiceID in appsetting.json file, you need to just call shield by simple steps.

  1. Add Namespace Shield using Shield;
    2. Make Object of IShield class,IShield constructor takes two params
    1. HttpContext object
    2. IConfiguration object
      3. IShield shield = new IShield(HttpContext, mConfiguration);
    3. Call a method IntegrateShield() like await shield.IntegrateShield();
    4. Save the response in IShieldResponse object like IShieldResponse response = await shield.IntegrateShield();

Response

Response will be a IShieldResponse Object With Data

Rest Client Core Dll
appsetting.json 
                        

     {
          "ServiceID": "abcxyz"
     }
Response Object
Uniqid string
Source string
Error bool
ErrorMessage string

Sample Project

Sample project contains PHP scripts to integrate SHIELD and BLOCK API sample
To Download Click here

Block API

To Call Block API You have to use very same IP you placed while adding new service, xxx.xxx.xxx.xxx this will be whitelisted by Shield Engine.

Block API
POST
API Endpoint
/appblock
Content Type
application/x-www-form-urlencoded
Data
uniqid={Value of UNIQID Retrieved or Created by a deployed script}
Api Response
200 - OK {JSON OBJECT}
421 - Bad Request Bad request.
404 - Not Found Transaction not found in system.
401 - Access Denied You are not authorized to access.
400 - Missing Parameter UNIQUE ID is missing
Api Response Object
uniqid string
status string
info object
  1. info    string
  2. IP   string
action string
score int
timestamp timestamp
Api Action
Block If transaction is Fraudulent
Suspect If some week transactions params are not getting Verified
Clear Legitimate transaction 
                                

$curl = curl_init();
curl_setopt_array($curl, array(
  CURLOPT_URL => "http://uk.block.shield.monitoringservice.co/appblock",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "uniqid=abcxyz123",
  CURLOPT_HTTPHEADER => array(
    "Content-Type: application/x-www-form-urlencoded"
  ),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;

                                
                            
                                

<%@ page import="java.util.*" %>
<%@ page language="java" import="org.json.JSONObject" %>
<%@ page language="java" import="java.net.URLEncoder" %>
<%@ page language="java" import="java.io.*,java.io.DataOutputStream,java.io.BufferedReader" %>
<%@ page import = "java.io.*,java.net.HttpURLConnection,java.net.URL" %>
<%@ page import="java.security.*, com.vodafone.scriplet.*,java.security.*" %>
<%

    String uniqid = ""; // ID Recived in Response From Server Side Call
    String APIURL = "http://sg.block.shield.monitoringservice.co/appblock";

    StringBuilder params=new StringBuilder("uniqid=");
    params.append(uniqid);

    URL obj = new URL(APIURL);
    HttpURLConnection con = (HttpURLConnection) obj.openConnection();

    con.setRequestMethod("POST");
    con.setRequestProperty("Cache-Control", "no-cache");
    con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");

    con.setDoOutput(true);
    OutputStreamWriter outputStreamWriter = new OutputStreamWriter(con.getOutputStream());
    outputStreamWriter.write(params.toString());
    outputStreamWriter.flush();

    int responseCode = con.getResponseCode();
    System.out.println("\nSending 'POST' request to URL : " + APIURL);
    System.out.println("Post parameters : " + params);
    System.out.println("Response Code : " + responseCode);

    BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
    String inputLine;
    StringBuffer respString = new StringBuffer();

    while ((inputLine = in.readLine()) != null) {
      respString.append(inputLine);
    }

    if (responseCode==200) {
        JSONObject json = null;
        json = new JSONObject(respString.toString());

        /**
            About Action field there are following values,

            Clear (It Transaction Passed all tests)
            Suspect (If Transaction Passed Fingerprinting For Device As Well AS Browser but not a Touch Device Or Device is too old)
            Block (Fradulent Based on Multiple Checks)
        **/
        String action = json.getString("action");
        boolean app = Boolean.parseBoolean(json.getString("app"));

        if (app) {
          out.println("App found!");
        } else {
          out.println("App NOT found!");
        }

        String loadTime = con.getHeaderField("X-Timetook");
    } else if (responseCode==422) {
        out.println("422 - uniqid is missing");
    } else if (responseCode==401) {
        out.println("401 - Access Denied");
    } else {
        out.println("Unknown Error");
    }

    in.close();
    out.flush();
%>

Download Sample Code 
                                

wget --no-check-certificate --quiet \
  --method POST \
  --timeout=0 \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --body-data 'uniqid=abcxyz123' \
   'http://uk.block.shield.monitoringservice.co/appblock'

                                
                            
                                

var client = new RestClient("http://uk.block.shield.monitoringservice.co/appblock");
var request = new RestRequest(Method.POST);
request.AddHeader("cache-control", "no-cache");
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("undefined", "uniqid={UNIQID RECEIVED IN SERVER SIDE KIT CALL / KEY VALUE IN CLIENT SIDE INTEGRTATION}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Regional Endpoint
Regions
UK uk.block.shield.monitoringservice.co
South Africa sa.block.shield.monitoringservice.co
Singapore sg.block.shield.monitoringservice.co
United Arab Emirates dc-ae-01.block.mena.mcpshield.com
Menu