Ban, unban, and allowlist traffic sources

The Quarantine section shows a list of traffic sources (i.e., sources of incoming requests) that are currently banned, blocklisted, and allowlisted.

How to ban a requestor

A traffic source is banned automatically when it violates a Dynamic Rule.

You cannot manually move a traffic source into quarantine. Instead, you can create a Dynamic Rule to do it for you. The Dynamic Rule's parameters should be as follows:

It should be active (in other words, the Inactive toggle should not be selected).
Target should be set to IP
Number of events should be 0
Action should be a blocking action (e.g., Dynamic-rule block)
Quarantine Time should be the length of time you wish the ban to last
The Exclude list should be empty
The Include list should not contain all
The Include list should contain the tag(s) that will uniquely identify requests coming from the traffic source.

How to unban a requestor

Manually removing a requestor from quarantine is discussed here: Cancelling quarantines and preventing False Positives.

How to allowlist a requestor

To exempt a traffic sources from potential quarantine, add identifying tags to the Exclude list in the active Dynamic Rules.

To exempt a traffic source from other stages of filtering, do one of the following:

To bypass all stages of filtering, follow the steps described here: Bypass Link11 WAAP for Loadtesting or Other Purposes.
To exempt requests only from bot challenges or content filtering, configure an ACL Profile with appropriate tag(s) in the Bypass list, then use a Security Policy to assign that ACL Profile to the desired paths/URLs.
To exempt requests only from bot challenges, configure an ACL Profile with appropriate tag(s) in the Bot Challenge / Skip list, then use a Security Policy to assign that ACL Profile to the desired paths/URLs.

PreviousAuthenticate mobile app users NextBypass Link11 WAAP for loadtesting or other purposes

Last updated 3 days ago

Was this helpful?

How to ban a requestor

A traffic source is banned automatically when it violates a Dynamic Rule.

You cannot manually move a traffic source into quarantine. Instead, you can create a Dynamic Rule to do it for you. The Dynamic Rule's parameters should be as follows:

It should be active (in other words, the Inactive toggle should not be selected).

Target should be set to IP

Number of events should be 0

Action should be a blocking action (e.g., Dynamic-rule block)

Quarantine Time should be the length of time you wish the ban to last

The Exclude list should be empty

The Include list should not contain all

The Include list should contain the tag(s) that will uniquely identify requests coming from the traffic source.

How to allowlist a requestor

To exempt a traffic sources from potential quarantine, add identifying tags to the Exclude list in the active Dynamic Rules.

To exempt a traffic source from other stages of filtering, do one of the following:

To bypass all stages of filtering, follow the steps described here: Bypass Link11 WAAP for Loadtesting or Other Purposes.

To exempt requests only from bot challenges or content filtering, configure an ACL Profile with appropriate tag(s) in the Bypass list, then use a Security Policy to assign that ACL Profile to the desired paths/URLs.

To exempt requests only from bot challenges, configure an ACL Profile with appropriate tag(s) in the Bot Challenge / Skip list, then use a Security Policy to assign that ACL Profile to the desired paths/URLs.