Imperva Cyber Community

Expand all | Collapse all

Advanced Bot Protection IP Whitelisting

Jump to Best Answer
  • 1.  Advanced Bot Protection IP Whitelisting

    Posted 30 days ago
    Hi,

    We are considering implementing policies that whitelist traffic based on the ABP IP field. We are running an NGINX integration connector on-prem that sits between our F5 WAF and the websies/API's being called.

    My questions where this value comes from: TCP/IP layer or http headers? My assumption would be that NGINX as a reverse proxy knows the client's IP from the Transport Layer and then adds that to the http headers in the ABP API call using this line from a given lua block:
    "proxy_set_header X-Forwarded-For $remote_addr;".
    i.e. the remote_addr being the client Ip and the X-Forwarded-For header what the ABP picks up and logs in the traffic logs, and what ultimately is used for IP whitelisting in the policies.

    Reason for wanting to known is th-o be able to assess the risk of this IP being spoofed by scrapers.

    Many thanks
    Johan
    #AdvancedBotProtection

    ------------------------------
    Johan Genbrugge
    IT Solution Architect
    Halle
    ------------------------------


  • 2.  RE: Advanced Bot Protection IP Whitelisting
    Best Answer

    Imperva Employee
    Posted 28 days ago
    Hi Johan,

    I think you should be able to find the answer to your query here: 

    https://docs.imperva.com/bundle/advanced-bot-protection/page/77896.htm 

    Let me know if you have any further questions.

    Thanks,

    ------------------------------
    John Cosgrove
    ------------------------------



  • 3.  RE: Advanced Bot Protection IP Whitelisting

    Community Manager
    Posted 27 days ago
    Hey Johan,

    I'm not sure if you've seen the events page, but we have an "Ask Me Anything" around Advanced Bot Protection on Oct 13. Advanced Bot Protection AMA (Ask Me Anything) - Imperva Customer Community

    Come along with your ABP questions. You can also submit questions here to be addressed during the event! John and Jim are a great AMA team so this will be a great one to catch!!

    THanks,

    Sarah

    ------------------------------
    Sarah Lamont(csp)
    Digital Community Manager
    ------------------------------



  • 4.  RE: Advanced Bot Protection IP Whitelisting

    Posted 26 days ago
    Thanks John, That is indeed exactly what I'm looking for. And yes, we do use that setting in the website policies. Many thanks and have a great week-end!

    ------------------------------
    Johan Genbrugge
    IT Solution Architect
    Halle
    ------------------------------