Define rules to accurately control HTTP requests and prevent access those non-compliant with RFC or user-defined rules.
To define an access control rule:
- On the WAF instance list, select the target WAF instance.
- On the lower part of the page, select a domain name and choose More > Access Control above the list.
Click Add Rule and configure the rule type and corresponding action.
Supported rule types include:
- ip: Specifies an IP address range or segment to be added to the blacklist or whitelist.
- ua: Specifies a regular expression for matching, such as curl|Mozilla/5.0|Firefox.
- referer: Specifies a regular expression for matching.
- path: Typically used to match URIs by specifying a collection of keywords in AND relationship. A path that matches any specified keyword matches the rule. The rule type does not support regular expressions.
- Click OK in the Operation column.
- Repeat the previous steps to add more rules for the domain name.