It is possible to protect a page with Opticks by redirecting traffic to the Opticks platform before displaying the protected page. This integration method has advantages over an OpticksJS integration and the Opticks Firewall integration.
When traffic arrives to a protected page, the customer must determine whether Opticks has analyzed the visit prior to displaying the page. If the traffic has already been analyzed, the page can be displayed. If the traffic has not been analyzed, the visitor should be redirected to Opticks.
In order to determine whether Opticks has analyzed the visit, the customer should examine the OPT data. The name of the URL parameter containing the OPT data is defined by the customer. If the OPT data is valid, the Opticks analysis was successful and the protected page can be shown. If the OPT data does not exist, the visitor should be redirected to Opticks. If the OPT data exists but is invalid, it could be an indication that a malicious visit is occuring.
If the OPT data is empty, the visit should be redirected to the following endpoint:
|campaign_hash||mandatory.||The Opticks Campaign id. This field will determine which security options are in force and split the data by Campaign in the Opticks Back Office.|
|next_url||mandatory and important, please read description||The url-encoded destination of the visit after Opticks has analyzed the visit. E.g.
N.B. The next_url must include parameters to tell the Opticks platform where to place the OPT data and the Opticks click_id. E.g.
In this case, Opticks will place the analysis info into the
If there is no
|fallback_url||optional||The url-encoded destination for traffic which is blocked by your campaign security settings. If you omit this parameter, Opticks will send filtered traffic to the fallback URL configured in the Opticks Back Office. If there is no fallback URL in the dashboard and no
|hmac||mandatory||The HMAC-SHA-256 cryptographic hash function of the concatenated
To sanitize the Base64 string, perform the following replacements: replace
For example, if your secret key is
See https://www.liavaag.org/English/SHA-Generator/HMAC/ and http://php.net/manual/en/function.hash-hmac.php for examples.
After Opticks has analyzed the visit, it will redirect the traffic to whichever url is in the next_url parameter (using the example above):
http://merchantdomain.com/protectedpage.html ?all=x&your=y¶ms=z &clickid=track_202030055_3453fwfwf_fweew34 &opt=urlencodedBase64EncryptedData &opt-hmac=urlencodedBase64EncryptedData
See the JSON Payload and Encryption section for more details.
- No need to change partner URLs
- Some server side coding required.
- More redirects than the other integration options