FIlter WAF rules based on Source IP


Is it possible apply certain WAF rules to certain inbound source IPs?

Thanks in advance.


I think the answer is no, not really.

The only way I can think of would be to enable the rules for everyone, then create a Firewall Bypass rule for the WAF, where not equal to those inbound IP’s
The real danger with that would be it would disable the WAF for everyone else.

1 Like

Thank you. I figured as much. I would have hoped it would have been more like a traditional firewall where I could say “for this source IP do not apply the IPS sig (CVE, OWASP, etc.) x, y, z”. Sigh.

Understood and thank you!