WAF Deny rule for specific IP's

Hi Team,

For example, If the client request IP’s are or and then I need to add below rule in Firewall.
Could you please share example page rule?

If Source IP =,
htps://www.example.com/root/* - Block
htps://www.example.com/root/test1.page - Allow
htps://www.example.com/root/defaule/ - Allow
htps://www.example.com/root/test/* - Allow

Are you saying that you want to block two IP addresses from accessing anything but those three other paths? But other IP addresses get full access?

I would create two rules in order

ALLOW (http.request.uri.path in {"/root/test1.page" “/root/defaule/”} or http.request.uri.path contains “/root/test/”) and ip.src in {}

BLOCK (ip.src in {})