Posts Tagged ‘block’

Unlike WAF v2 , the v1 product does not have custom rules for blocking IP , so you will need to do this at the IIS Level still

When the WAF forwards the request it tags on “x-forwarded-for” to the HTTP header and leaves the c-ip ( client IP ) the same

By Default IIS will check IP Address Domain and Restrictions list on the site and block the c-ip ( client IP ) using this list. 

Enabling Proxy Mode ( In IIS 8 and up ) means it will also adhere to the x-forwarded-for , but you will need to add the Subnet of the WAF ( as it picks a different IP each time ) to the allow list as well or the Health probe won’t be able to make sure the site is UP

GD Star Rating
loading...
GD Star Rating
loading...

Recently I needed to train a SysAdmin on how to whitelist sites using the Gui. I couldn’t find an online guide ( only using CLI ) so here it is! 

  1. Create a Block and Allow List

2. Add URL’s you would like to block and allow

3. Create a new policy to block and allow these

4. Add this policy as a UTM Policy under Web Filtering Polices

5) Define this UTM policy in between zones 

GD Star Rating
loading...
GD Star Rating
loading...