The DataDome plugin is developed in Go and integrates smoothly with Tyk.

The plugin makes a call to the DataDome API using a KeepAlive connection during the custom pre-middleware event of a Tyk request lifecycle (before connecting to the origin services).

The plugin has been developed to protect the users'experience: if any errors were to occur during the process or if the timeout is reached, the plugin will automatically disable its blocking process and allow those hits to proceed with the Tyk process.

Compatibility

The module has been tested and verified on the following versions:

Tyk Gateway (Open Source)
Tyk Self Management
Tyk Cloud installations

Installation and Configuration

DataDome plugin can be installed in Tyk from local files as follows:

Download the source for code for the DataDome Tyk plugin here
Check the version of Tyk being used
Compile the DataDome Tyk pluginfor the specific version of Tyk using the following command:
```
docker run --rm -v .:/plugin-source tykio/tyk-plugin-compiler:vVERSION datadome-go-tyk.so
```
- In the above, VERSION is the version of Tyk. For example, to compile the DataDome Tyk plugin for Tyk 5.2.0, use the following command:
```
docker run --rm -v .:/plugin-source tykio/tyk-plugin-compiler:v5.2.0 datadome-go-tyk.so
```
The compilation process will generate a .so file having a file name in the format:
datadome-go-tyk_vVERSION_PLATFORM.so.
- For example, the result of compiling the DataDome Tyk plugin for Tyk 5.2.0 will be the file:
  datadome-go-tyk_v5.2.0_linux_amd64.so
Place the filedatadome-go-tyk_vVERSION_PLATFORM.so in the middleware folder of your Tyk installation.
Go to the API definition file (api-definition.json) of the API that you would like to protect.
- This is typically found in the _apps _folder of your Tyk installation.
Add the DataDome middleware to the pre event
- The DataDome plugin should be added to the existing list of custom Tyk middleware if there are other plugins already installed.
Add the datadome section to the config_data element
- Replace the datadome_server_side_key available inside your Dashboard > Integrations

{
  ...,
	"custom_middleware": {
		    "pre": [
		      {
		        "name": "DataDome",
		        "path": "./middleware/datadome-go-tyk.so"
		      },
		      ....
		    ],    
		    "driver": "goplugin"
		  },
  ...,
	"config_data": {
	  "datadome": {
	    "datadome_server_side_key": "server_side_key"
	  }
	}
}

pre is the phase in the cycle, name is the name of the GO function and path is the binary location

Reload Tyk

The following command will hot-restart Tyk Gateway process without dropping any connections:

 sudo kill -SIGUSR2 {gateway-pid}

Settings

We support as well configuration by environment variable with the same setting name uppercase.

Setting	Description	Required	Default Value
datadome_server_side_key	Your DataDome server side key, found in your dashboard	yes	-
datadome_endpoint	Host of the API Server Available endpoints	no	`api.datadome.co`
datadome_timeout	Timeout for regular API calls	no	`150` (in milliseconds)
datadome_url_pattern_inclusion	Regular expression to include URLs	no	-
datadome_url_pattern_exclusion	Regular expression to exclude URLs	no	List of excluded static assets below

"\\.(avi|flv|mka|mkv|mov|mp4|mpeg|mpg|mp3|flac|ogg|ogm|opus|wav|webm|webp|bmp|gif|ico|jpeg|jpg|png|svg|svgz|swf|eot|otf|ttf|woff|woff2|css|less|js|map|json)$"

Settings example:

{
	"config_data": {
	  "datadome": {
	    "datadome_server_side_key": "datadadome_server_side_key",
	    "datadome_endpoint":"api.datadome.co",
	    "datadome_timeout" : "150",
	    "datadome_url_pattern_inclusion" : "",
	    "datadome_url_pattern_exclusion": "\\.(myextension|otherextension|avi|flv|mka|mkv|mov|mp4|mpeg|mpg|mp3|flac|ogg|ogm|opus|wav|webm|webp|bmp|gif|ico|jpeg|jpg|png|svg|svgz|swf|eot|otf|ttf|woff|woff2|css|less|js|map|json)$",
	  }
	}
}