The IP management feature of WAF allows you to query access source IPs that pass WAF-protected domain names and add them to the blocklist or allowlist. Key features include IP query, IP blocklist/allowlist setting, and IP blocking status query.
In the blocklist/allowlist module, you can add a domain name-specific or global blocklist/allowlist which will take effect in the following priority order:
- The priority of the blocklist/allowlist is only lower than that of the custom pass policy of WAF, but higher than that of other detection logics.
- Priorities of IP blocklist/allowlist settings in descending order: global allowlist > domain name-specific allowlist > domain name-specific blocklist > global blocklist.
Configuration item description:
- Category: blocklist or allowlist.
- Source: CC protection, BOT, or custom rule.
- Advanced Filter: you can use the creation time and expiration time to filter IPs.
2. To add an entry to the blocklist/allowlist, select the domain name to be protected in the top-left corner, click Add Blocklist/Allowlist, and select the IP address or range to be blocked/allowed.
- If you select
ALLfor domain name, the added IP address or range will be blocked/allowed globally.
- The quotas for domain name in each edition are as follows:
Premium Edition: 1,000 entries/domain name; Enterprise Edition: 5,000 entries/domain name; Ultimate Edition: 20,000 entries/domain name. Each IP address or range occupies one entry in the quota.
3. You can import a blocklist or allowlist and export their filtered results. When you import IP information, please refer to the format of the exported file.
4. After the source IP is added, you can enter it in the IP query module to query its status.