Allow traffic from IP addresses in allowlist only
This example skips WAF rules for requests from IP addresses in an allowlist (defined using an IP list).
Create an IP list with the IP addresses for which you want to allow access.
For example, create an IP list namedallowed_ips
with one or more IP addresses. For more information on the accepted IP address formats, refer to IP lists.Create a custom rule skipping all rules for any request from the IPs in the list you created (
allowed_ips
in the current example).
Expression | Action |
---|---|
(ip.src in $allowed_ips) | Skip:
|
Make sure the new rule appears before any other custom rules in the rules list.