Blocking IP from within New Firewall View

Hi there

The new firewall view has lots of nice features but one that seems to be missing is this…

From within the modal I could block the malicious IP. This functionality seems to have been lost - or am I missing something? If not then please, please consider putting it back :smiley:

Glyn

1 Like

This should still be available in the Firewall Tools app/tab

Hi Judge

Thanks for your response. If I have understood you correctly then I can copy the IP from within the modal, go to the Firewall Tools Tab, paste in the IP and create a new rule. So, yes, the functionality is still there.

But what I miss is the functionality that enables me to do this in one action without leaving the modal. It’s that that seems to have disappeared and that I would love to see returned.

Glyn

me too!

Yeah, that was nice. It’s removal, however, has pushed me into learning of other aspects of the entire firewall, especially combined with the newly added features in the WAF. For example: let’s say, theoretically, I want to ensure that a specific attacker will have not only a single IP block to contend with, but that I want to use a sort of ‘defense in depth’. I’ll use either a /16 or /24 IP range, depending on various factors, e.g. if a lot of traffic originates from said IP block. Then, if that IP block belongs to a specific AS and the only traffic coming from it, as some are quite small, is that of the attacker, I’ll block that AS as well. Then of course, there’s UA blocking. And the newly designed WAF makes it extremely easy to filter or exclude traffic based on all of the above. Firewall-rule related : blocking of URIs and request methods are the two rule types I’ve found most functional, though that’s for my own needs. Yes, it sounds like I’m cheerleading the new WAF redesign that you wish still had a one click single IP block baked in, and I guess I am. I personally find it most useful.

1 Like