Want to whitelist certain IP Addresses from WAF rules

We have created a WAF rule and blocked certain countries based on URI. Now we need to allowlist certain IP(s) from the selected countries or users in order to work on the website.
The updated settings seems to have changed a bit. Can someone help with an example of the same?

You can either create IP Access Rules with the “Allow” action, which will allow certain IP addresses to bypass all Cloudflare security features, or you can create WAF rules that you place before all other rules with the “Skip” action.

For the WAF Rule, you can use something like “Source IP is in list …”

Tried the following configuration:
Not working

Is that the first WAF rule? It needs to be at the very top.

The and country is in ... part also doesn’t make any sense. The country is based on the IP address, so there is not really a need to check it.

Also, your screenshot does not show the action taken.

Action taken is ‘Skip’

Ok, moving the Rule up to the TOP seems working! :slightly_smiling_face:
Another thing we want to know is since the IP address are dynamic how long will this stay the same? Can we add more IP addresses within a List and update here? That would be ideal.
Thanks much

Yes, you can use lists for the IP addresses. Just change the “equals” operator to “is in” and you will see how to create IP lists.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.