enhancedProxyDetection

Property Manager name: Enhanced Proxy Detection with GeoGuard
Behavior version: The latest rule format supports the enhancedProxyDetection behavior v1.3.
Rule format status: Beta, possible breaking changes
Access: Read/Write
Allowed in includes: Not available for latest rule format

Enhanced Proxy Detection (EPD) leverages the GeoGuard service provided by GeoComply to add proxy detection and location spoofing protection. It identifies requests for your content that have been redirected from an unwanted source through a proxy. You can then allow, deny, or redirect these requests.

Include this behavior in the same rule as epdForwardHeaderEnrichment. The epdForwardHeaderEnrichment behavior sends the Enhanced Proxy Detection (Akamai-EPD) header in the forward request to determine whether the connecting IP address is an anonymous proxy.

Option	Type	Description	Requires
`enabled`	boolean	Applies GeoGuard proxy detection.		{"displayType":"boolean","tag":"input","type":"checkbox"}
`forwardHeaderEnrichment`	boolean	Whether the Enhanced Proxy Detection (Akamai-EPD) header is included in the forward request to mark a connecting IP address as an anonymous proxy, with a two-letter or three-letter designation. See the `epdForwardHeaderEnrichment` behavior for details.		{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enabled","op":"eq","value":true}}
`enableConfigurationMode`	enum	Specifies how to field the proxy request.		{"displayType":"enum","options":["BEST_PRACTICE","ADVANCED"],"tag":"select"} {"if":{"attribute":"enabled","op":"eq","value":true}}
	`BEST_PRACTICE`	GeoComply maintains a fixed list of categories for their GeoGuard service. Select this mode to automatically apply their primary, "must-have" categories for proxy detection.
	`ADVANCED`	Use this mode to selectively apply GeoGuard categories and customize the applied action. Make sure you include at least the categories GeoGuard considers "must-have." Akamai can't guarantee optimal proxy protection if you leave them out.
`bestPracticeAction`	enum	Specifies how to field the proxy request.	`enableConfigurationMode` is `BEST_PRACTICE`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"BEST_PRACTICE"}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`bestPracticeRedirecturl`	string (allows variables)	This specifies the URL to which to redirect requests.	`bestPracticeAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"bestPracticeAction","op":"eq","value":"REDIRECT"}}
`detectAnonymousVpn`	boolean	This detects requests from anonymous VPNs.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectAnonymousVpnAction`	enum	Specifies how to field anonymous VPN requests.	`detectAnonymousVpn` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectAnonymousVpn","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectAnonymousVpnRedirecturl`	string (allows variables)	This specifies the URL to which to redirect anonymous VPN requests.	`detectAnonymousVpnAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectAnonymousVpnAction","op":"eq","value":"REDIRECT"}}
`detectPublicProxy`	boolean	This detects requests from public proxies.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectPublicProxyAction`	enum	Specifies how to field public proxy requests.	`detectPublicProxy` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectPublicProxy","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectPublicProxyRedirecturl`	string (allows variables)	This specifies the URL to which to redirect public proxy requests.	`detectPublicProxyAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectPublicProxyAction","op":"eq","value":"REDIRECT"}}
`detectTorExitNode`	boolean	This detects requests from Tor exit nodes.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectTorExitNodeAction`	enum	This specifies whether to `DENY`, `ALLOW`, or `REDIRECT` requests from Tor exit nodes.	`detectTorExitNode` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectTorExitNode","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectTorExitNodeRedirecturl`	string (allows variables)	This specifies the URL to which to redirect requests from Tor exit nodes.	`detectTorExitNodeAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectTorExitNodeAction","op":"eq","value":"REDIRECT"}}
`detectSmartDNSProxy`	boolean	This detects requests from smart DNS proxies.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectSmartDNSProxyAction`	enum	Specifies whether to `DENY`, `ALLOW`, or `REDIRECT` smart DNS proxy requests.	`detectSmartDNSProxy` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectSmartDNSProxy","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectSmartDNSProxyRedirecturl`	string (allows variables)	This specifies the URL to which to redirect DNS proxy requests.	`detectSmartDNSProxyAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectSmartDNSProxyAction","op":"eq","value":"REDIRECT"}}
`detectHostingProvider`	boolean	This detects requests from a hosting provider.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectHostingProviderAction`	enum	This specifies whether to `DENY`, `ALLOW`, or `REDIRECT` requests from hosting providers.	`detectHostingProvider` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectHostingProvider","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectHostingProviderRedirecturl`	string (allows variables)	This specifies the absolute URL to which to redirect requests from hosting providers.	`detectHostingProviderAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectHostingProviderAction","op":"eq","value":"REDIRECT"}}
`detectVpnDataCenter`	boolean	This detects requests from VPN data centers.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectVpnDataCenterAction`	enum	This specifies whether to `DENY`, `ALLOW`, or `REDIRECT` requests from VPN data centers.	`detectVpnDataCenter` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectVpnDataCenter","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectVpnDataCenterRedirecturl`	string (allows variables)	This specifies the URL to which to redirect requests from VPN data centers.	`detectVpnDataCenterAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectVpnDataCenterAction","op":"eq","value":"REDIRECT"}}
`detectRelayProxy`	boolean	This detects requests from a relay proxy.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectRelayProxyAction`	enum	This specifies whether to `DENY`, `ALLOW`, or `REDIRECT` requests from a relay proxy.	`detectRelayProxy` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectRelayProxy","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectRelayProxyRedirecturl`	string (allows variables)	This specifies the URL to which to redirect requests from a relay proxy.	`detectRelayProxyAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectRelayProxyAction","op":"eq","value":"REDIRECT"}}
`detectProxyOverVpn`	boolean	This detects requests from a proxy over VPN.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectProxyOverVpnAction`	enum	This specifies whether to `DENY`, `ALLOW`, or `REDIRECT` requests from a proxy over VPN.	`detectProxyOverVpn` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectProxyOverVpn","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectProxyOverVpnRedirecturl`	string (allows variables)	This specifies the redirect URL for requests from a proxy over VPN.	`detectProxyOverVpnAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectProxyOverVpnAction","op":"eq","value":"REDIRECT"}}
`detectResidentialProxy`	boolean	This detects requests from a residential proxy. See Enhanced Proxy Detection with GeoGuard and learn more about this GeoGuard category before enabling it.	`enableConfigurationMode` is `ADVANCED`	{"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"attribute":"enableConfigurationMode","op":"eq","value":"ADVANCED"}}
`detectResidentialProxyAction`	enum	This specifies whether to `DENY`, `ALLOW`, or `REDIRECT` requests from residential proxies.	`detectResidentialProxy` is `true`	{"displayType":"enum","options":["ALLOW","DENY","REDIRECT"],"tag":"select"} {"if":{"attribute":"detectResidentialProxy","op":"eq","value":true}}
	`ALLOW`	Allow the request.
	`DENY`	Deny the request.
	`REDIRECT`	Respond with a redirect.
`detectResidentialProxyRedirecturl`	string (allows variables)	This specifies the URL to which to redirect requests.	`detectResidentialProxyAction` is `REDIRECT`	{"displayType":"string","tag":"input","type":"text"} {"if":{"attribute":"detectResidentialProxyAction","op":"eq","value":"REDIRECT"}}