menu
search close

Working with request rules

access_time Updated Mar 24, 2023

Request rules allow you to define arbitrary conditions and block, allow, or tag requests indefinitely or for a specific period of time. For example, you could make a rule to block all requests with specific headers, requests to certain paths, or requests originating from specific IP addresses.

Creating request rules

To create a request rule, follow these steps:

  1. On the Site Rules page, click the Add site rule button. The Add form appears.

    A request rule designed to block requests to the ‘/login’ page from the IP address ‘198.51.100.50’, as described above.

  2. In the Type section, select Request.

  3. Fill out the fields in the Conditions section as follows:

    • From the Field menu, select the request field that the condition is based on.
    • In the Value field, enter a value for the specified field.
    • From the Operator menu, select an operator to specify how the selected field and value relate.
    • Optionally click the Add condition button to add another condition or the Add group button to create a group of conditions.
    • Select All to specify that a request must meet every condition or Any to specify that a request must meet only one condition.

  4. Fill out the fields in the Actions section as follows:

    • From the Action type menu, select the action that should be taken when a request meets the rule’s conditions. Action types include Block, Allow, and Add signal.
    • Optionally click the Change response link to specify a response code. The default response code is 406.
    • Optionally click the Add action button to add another action.

  5. Fill out the fields in the Details section as follows:

    • From the Request logging menu, select Sampled to store the logs for requests that match the rule’s criteria and None to not store the logs. When you select None, the time series graphs will still include data from requests that match the rule’s criteria. This field is only available for block and allow actions. See Data Storage and Sampling for more information.
    • Leave the Status switch enabled.
    • Click the Change expiration link and select from the menu when the rule should be disabled.
    • In the Description field, enter a description of the rule.

  6. Click the Create site rule button. The request rule is created, and the Site Rules page appears.