How can I allowlist source IP just call to only URI path was declare?

datnt10 · December 20, 2024, 4:43am

What is the name of the domain?

ncb-bank.vn

What is the issue you’re encountering

just allow source ip allowlist call to uri path

What are the steps to reproduce the issue?

I just need source IP and uri path matching will skip waf rule and call to backend. But when I config follow below picture, source ip can call to all path after hostname.
P/s: with only 1 uri path rule is working, but when I need matching 02 URI path, rule is not working.

Screenshot of the error

sdayman · December 20, 2024, 5:07am

You will need to use the Expression Editor to manually regroup the OR at the end.

It will look like:
ip.src in $tests and http.host eq "hostname" and (starts_with(http.request.uri.path, "/one") or starts_with(http.request.uri.path, "/two"))

datnt10 · December 20, 2024, 6:06am

I was create successed with Expression Editor, but this way is not good. and I will difficult control my rule when need extend rule.

system · December 22, 2024, 6:06am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
WAF Deny rule for specific IP's Security	3	2425	July 7, 2021
3 Condition Requirement Custom Rule Security	2	231	April 2, 2024
Blocking incoming requests that do not come from a specific source hostname Security	3	168	July 29, 2024
Redirect Rule for 'IP Source Address' "is not in list" expression not matching lst Rules	8	47	January 27, 2025
Whitelist URL Path From Custom ASN Block SOLVED Security	9	976	December 7, 2023

How can I allowlist source IP just call to only URI path was declare?

What is the name of the domain?

What is the issue you’re encountering

What are the steps to reproduce the issue?

Screenshot of the error

Related topics