Reblaze Part of Link11
v2.12
v5v2.20.4v2.20.2v2.20v2.18v2.16v2.14v2.12v2 Release NotesMobile SDK v2.3.0Mobile SDK v2.2.x
v2.12
v5v2.20.4v2.20.2v2.20v2.18v2.16v2.14v2.12v2 Release NotesMobile SDK v2.3.0Mobile SDK v2.2.x
  • Reblaze Portal
  • Introduction to Reblaze
  • Getting Started
  • Reblaze Setup Checklists
  • Marketplace onboarding
  • Console UI Walkthrough
    • Traffic
      • Traffic Concepts
      • Dashboard
      • View Log
    • Security
      • Security Section Concepts
      • Static Rules
      • Dynamic Rules
      • Quarantined
      • Profiles
        • Profile Concepts
        • Profiles
        • ACL Policies
        • WAF/IPS Policies
        • Custom Signature
      • Args Analysis
    • Settings
      • Web Proxy
        • General Settings
        • Application Profiles
        • Security Profiles
      • SSL Management
      • DNS
      • Planet Overview
      • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Using the Reblaze Query Box
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Ban, Unban, and Whitelist Traffic Sources
      • Bypass Rate Limits for Loadtesting
      • Control Caching Behavior
      • Filter by Content
      • Quickly Block an Attacker
      • Secure Traffic from a Third-Party Page
      • Set Rate Limits
      • Set up SIEM/SOC integration
      • Video Tutorials
        • DNS Training
        • SSL Training
    • Reblaze API
      • Reblaze REST API
      • Mobile SDK
  • Reference Information
    • Access log-structure
    • Acronyms
    • Deployment Terminology
    • Hostile Bot Detection / RCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Pattern Matching Syntax
    • Reblaze Signatures
    • TTL Expression Syntax
  • Support
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Using the product
  2. How Do I...

Filter by Content

Blocking requests that do not conform to content policies

There are several ways to filter requests based on their content.

Custom Signatures are a powerful method for specifying content restrictions for traffic. They are included within ACL Policies, which are used within Profiles, which are assigned to various locations of your site/application at Settings->Web Proxy->Security Profiles.

A more direct method is to create content filters directly for a location. This too provides powerful filtering capabilities. Here's a comparison between this and Custom Signatures.

  • Both can deny requests based on their content.

  • Location-based filtering makes it easier to require certain content in incoming requests.

  • Location-based filtering is simpler when setting up different filters for different locations.

  • Custom Signatures are modular, and once defined, they can be re-used in multiple places throughout the interface. A location-based filter definition cannot do this. Instead, you have to manually define the filtering conditions for each location.

Dynamic Rules can be used to rate-limit a requestor, based on the content that is requested.

Args Analysis examines the characters found in arguments. Depending on its mode, it can block requests if unexpected characters are found, or pass them on to the WAF for further inspection. It can also act as an inverse content filter; those requests with arguments which contain only whitelisted characters can bypass WAF filtering.

PreviousControl Caching BehaviorNextQuickly Block an Attacker

Last updated 5 years ago

Was this helpful?