You are correct; using a policy is also an acceptable method.
The benefit of using a policy is that it can be created once and applied to multiple websites.
The benefit of a using a security rule is that there are more filtering options available if needed/desired.
Original Message:
Sent: 01-23-2024 06:48
From: Pratik Ghotkar
Subject: Can we setup a Source IP filtering based on the URL ?
------------------------------
Pratik Ghotkar
Technical User
Prudential Services Singapore Pte Ltd
Singapore
Original Message:
Sent: 01-22-2024 10:01
From: Jaired Anderson
Subject: Can we setup a Source IP filtering based on the URL ?
Hi Pratik,
Use a semi-colon ;
to combine several like values into a list.
For example:
URL contains "^/images" & ClientIP == 10.10.10.10;
10.10.10.11;
10.50.10.0/24;
10.51.11.0/24
- 10.10.10.10
- 10.10.10.11
- 10.50.10.0/24
- 10.51.11.0/24
------------------------------
Jaired Anderson
Imperva
https://www.imperva.com/
Original Message:
Sent: 01-22-2024 06:16
From: Pratik Ghotkar
Subject: Can we setup a Source IP filtering based on the URL ?
great thanks, how will be syntax is I have multiple public IPs and/or whole subnets
------------------------------
Pratik Ghotkar
Technical User
Prudential Services Singapore Pte Ltd
Singapore
Original Message:
Sent: 01-17-2024 10:41
From: Jaired Anderson
Subject: Can we setup a Source IP filtering based on the URL ?
Hi Pratik,
This is easily achievable via a Security rule. (incaprule) Rules are located at the site level within the left hand navigation under Security > Rules.
As an example, you could use something like the following:
If the URL Starts with images and the IP is NOT 10.10.10.10 then Block.
The IP would be set to the IP or IPs/Networks that you do want to allow access.
------------------------------
Jaired Anderson
Imperva
https://www.imperva.com/
Original Message:
Sent: 01-17-2024 06:37
From: Pratik Ghotkar
Subject: Can we setup a Source IP filtering based on the URL ?
Supposed I am allowing xya.com/welcome from all internet and want to allow the xya.com/images specific Public IP not to all.
If yes , please let me know how.
#CloudWAF(formerlyIncapsula)
------------------------------
Pratik Ghotkar
Technical User
Prudential Services Singapore Pte Ltd
Singapore
------------------------------