Whitelist Lokker Privacy Edge

Many clients use bot management tools to protect their websites from automated traffic. However, these tools can inadvertently block Lokker's Privacy Edge scanning service, preventing us from accessing and analyzing your public-facing websites.

This guide provides step-by-step instructions for whitelisting Lokker Privacy Edge requests across various bot management platforms.

Table of Contents

• Lokker Privacy Edge Identification
• Why Whitelisting is Necessary
• Platform-Specific Instructions
• Testing Your Configuration
• Notification to Lokker Support
• Best Practices
• Troubleshooting
• Conclusion

---

Lokker Privacy Edge Identification

Lokker Privacy Edge uses a custom HTTP header to identify itself to your systems:

• Header Key: x-lokker
• Header Value: Privacy Edge

⚠️ Important: Both the header key and value are case-sensitive and must match exactly as shown above.

Why Whitelisting is Necessary

Bot Management Impact

• Scanning Blocked: Bot protection tools may block our scanning requests
• Incomplete Reports: Blocked scans result in incomplete privacy assessments
• Service Interruption: Continuous blocking prevents ongoing monitoring

Benefits of Proper Whitelisting

• Complete Coverage: Ensures all pages are scanned and analyzed
• Accurate Reporting: Provides comprehensive privacy risk assessments
• Continuous Monitoring: Enables ongoing privacy compliance monitoring

Platform-Specific Instructions

Cloudflare

Cloudflare is one of the most common bot management platforms. Here's how to whitelist Lokker Privacy Edge:

Method 1: WAF Custom Rules

1. Access Cloudflare Dashboard

   • Log into your Cloudflare account
   • Navigate to your domain
   • Go to Security → WAF → Custom rules

2. Create New Rule

   • Click Create custom rule
   • Name: Allow Lokker Privacy Edge

3. Configure Rule Expression

   (http.request.headers["x-lokker"][0] eq "Privacy Edge")

4. Set Action

   • Action: Skip
   • Skip phases: Select WAF and Rate Limiting

5. Deploy Rule

   • Click Deploy to activate the rule

Method 2: Bot Fight Mode Exceptions

1. Access Bot Management

   • Go to Security → Bots
   • Click Configure Bot Fight Mode

2. Add Exception

   • Click Add exception
   • Field: HTTP Header
   • Header name: x-lokker
   • Value: Privacy Edge
   • Action: Allow

3. Save Configuration

   • Click Save to apply the exception

Method 3: Rate Limiting Rules

1. Access Rate Limiting

   • Go to Security → WAF → Rate limiting rules

2. Create New Rule

   • Click Create rule
   • Name: Allow Lokker Privacy Edge

3. Configure Matching

   (http.request.headers["x-lokker"][0] eq "Privacy Edge")

4. Set Rate Limit

   • Rate: Unlimited
   • Duration: 1 minute

AWS WAF

For AWS WAF users, create a rule to allow Lokker Privacy Edge requests:

Step 1: Create Rule Group

1. Access AWS WAF Console

   • Navigate to AWS WAF & Shield
   • Select your web ACL

2. Add Rule

   • Click Add rules → Add my own rules and rule groups
   • Rule type: Rule builder

Step 2: Configure Rule

1. Rule Details

   • Name: Allow-Lokker-Privacy-Edge
   • Type: Regular rule

2. Statement

   • Inspect: Single header
   • Header field name: x-lokker
   • Match type: Exactly matches string
   • String to match: Privacy Edge

3. Action

   • Action: Allow

4. Deploy Rule

   • Click Add rule and deploy to your web ACL

Imperva (Incapsula)

For Imperva users, create a security rule to whitelist Lokker:

Step 1: Access Security Rules

1. Login to Imperva Console

   • Navigate to your site
   • Go to Security → Security Rules

2. Create New Rule

   • Click New Rule
   • Rule name: Allow Lokker Privacy Edge

Step 2: Configure Rule

1. Rule Conditions

   • Condition: HTTP Header
   • Header name: x-lokker
   • Operator: Equals
   • Value: Privacy Edge

2. Rule Action

   • Action: Bypass
   • Apply to: All security features

3. Deploy Rule

   • Click Save to activate the rule

F5 BIG-IP

For F5 BIG-IP users, create an iRule to allow Lokker requests:

Step 1: Create iRule

1. Access F5 Management Interface

   • Navigate to Local Traffic → iRules

2. Create New iRule

   • Click Create
   • Name: allow_lokker_privacy_edge

Step 2: Configure iRule

when HTTP_REQUEST {
    if { [HTTP::header "x-lokker"] eq "Privacy Edge" } {
        # Allow the request to proceed
        return
    }
}

3. Apply iRule
   • Assign the iRule to your virtual server
   • Set priority to ensure it runs before blocking rules

Akamai

For Akamai users, create a property rule to whitelist Lokker:

Step 1: Access Property Manager

1. Login to Akamai Control Center

   • Navigate to Property Manager
   • Select your property

2. Create New Rule

   • Click Add Rule
   • Rule name: Allow Lokker Privacy Edge

Step 2: Configure Rule

1. Rule Conditions

   • Condition: Request Header
   • Header name: x-lokker
   • Match operator: Equals
   • Value: Privacy Edge

2. Rule Behavior

   • Behavior: Allow
   • Apply to: All requests matching condition

3. Deploy Configuration

   • Save and activate the property configuration

Generic Bot Management Tools

For other bot management platforms, look for these configuration options:

Common Configuration Fields

• Header-based rules: Create rules based on HTTP headers
• Whitelist/Allowlist: Add exceptions for specific headers
• Custom rules: Create custom logic for header matching

Configuration Template

Rule Name: Allow Lokker Privacy Edge
Condition: HTTP Header "x-lokker" equals "Privacy Edge"
Action: Allow/Bypass/Whitelist
Priority: High (to ensure it runs before blocking rules)

Testing Your Configuration

Verify Whitelisting

1. Check Logs

   • Monitor your bot management logs
   • Look for requests with x-lokker: Privacy Edge header
   • Verify these requests are being allowed

2. Test Scanning

   • Contact Lokker support to request a test scan
   • Verify that scanning completes successfully
   • Check that all pages are accessible

Common Issues

Case Sensitivity

• Problem: Header case doesn't match exactly
• Solution: Ensure x-lokker (lowercase) and Privacy Edge (exact case)

Rule Priority

• Problem: Blocking rules run before whitelist rules
• Solution: Set high priority for Lokker whitelist rules

Header Format

• Problem: Header value includes extra spaces or characters
• Solution: Use exact value Privacy Edge with no extra characters

Notification to Lokker Support

Once you've successfully whitelisted Lokker Privacy Edge:

Required Information

• Domain: The website domain you've whitelisted
• Platform: Bot management tool used (Cloudflare, AWS WAF, etc.)
• Confirmation: Confirmation that whitelisting is active

Contact Methods

• Email: Support team contact information
• Portal: Customer support portal
• Documentation: Include this in your support ticket

Benefits of Notification

• System Flagging: We can flag your site in our system
• Proactive Monitoring: We can monitor for scanning issues
• Support: Faster resolution of any scanning problems

Best Practices

Security Considerations

• Minimal Permissions: Only whitelist the specific header, not all Lokker traffic
• Regular Review: Periodically review and update whitelist rules
• Monitoring: Monitor logs for any unusual activity

Maintenance

• Rule Documentation: Document your whitelist rules for team reference
• Testing: Regularly test that whitelisting is working correctly
• Updates: Keep bot management tools updated for security

Compliance

• Audit Trail: Maintain logs of whitelist rule changes
• Documentation: Keep records of why rules were implemented
• Review Process: Establish regular review of security rules

Troubleshooting

Common Problems

Scanning Still Blocked

1. Check Rule Priority: Ensure whitelist rules run before blocking rules
2. Verify Header Format: Confirm exact case and spelling
3. Test Manually: Use tools like curl to test header acceptance

Partial Scanning

1. Check All Subdomains: Ensure rules apply to all subdomains
2. Verify CDN Configuration: Check if CDN is blocking requests
3. Review Rate Limits: Ensure rate limiting isn't affecting scans

False Positives

1. Refine Rules: Make rules more specific to avoid false positives
2. Monitor Logs: Check for any unintended rule matches
3. Test Edge Cases: Verify rules work with various request types

Getting Help

If you encounter issues with whitelisting:

1. Check Documentation: Review your bot management platform's documentation
2. Contact Support: Reach out to your platform's support team
3. Lokker Support: Contact Lokker support for scanning-specific issues

Conclusion

Properly whitelisting Lokker Privacy Edge ensures uninterrupted scanning and comprehensive privacy assessments. By following the platform-specific instructions above and maintaing proper security practices, you can enable Lokker's services while maintaing your website's security posture.

Rember to:

• Use exact case-sensitive header values
• Set appropriate rule priorities
• Test your configuration
• Notify Lokker support when whitelisting is complete

---

For additional support or questions about whitelisting Lokker Privacy Edge, please contact our support team.