Imperva Cyber Community

Hi,

I want to limit some page(url) could only access with specific ip.

ex: www.google.com/topic, could only access by 12.12.12.12

How should I setting on cloud waf to meet my needs?

Hi ZhiXiang, 

This can be accomplished with an IncapRule. (Security Rule)

Within the UI for the onboarded domain, expand Security in the left hand nav and click Rules.

At the top right, click the blue Add Rule button.

Select URL from the first drop down box.

The second filter will determine how to match the URL. If you want a strict match choose "==". This would match strictly /topic.

Alternatively, you could choose "Starts with". This would match /topic/path1, /topic/path2, etc. 

In the Value field, enter /topic

Click the blue +Add button

The editor window should be as displayed below.

Now we need to apply the IP restriction.

From the first drop menu, select Client IP

For the second drop down box, select != (this means, "does not equal")

In the Value box, enter the IP, 12.12.12.12

Click the blue +Add button.

The editor box should now appear as below:

This logic states that if the URL is /topic and the Client IP is not 12.12.12.12, the execute the action.

The next step is to define the action.

From the Action menu, select Security and then Block Request.

Give the rule a name within the Rule Name box and click Save.

The rule should look like the following when you are done.

Hi,

I want to limit some page(url) could only access with specific ip.

ex: www.google.com/topic, could only access by 12.12.12.12

How should I setting on cloud waf to meet my needs?

Hi Jaired,

What is the equivalent for this on on-prem configuration settings? 

I understand that I need to create a policy for that specific URL and match only specific address. 

eg: https://contonso.com/abc123 already present.

What i need to allow is https://contoso.com/xyz345/* which can only be accessed via ip 33.33.33.33, 33.33.32.32 prefixes.

Appreciate your feedback.

TIA.

A

Hi ZhiXiang, 

This can be accomplished with an IncapRule. (Security Rule)

Within the UI for the onboarded domain, expand Security in the left hand nav and click Rules.

At the top right, click the blue Add Rule button.

Select URL from the first drop down box.

The second filter will determine how to match the URL. If you want a strict match choose "==". This would match strictly /topic.

Alternatively, you could choose "Starts with". This would match /topic/path1, /topic/path2, etc. 

In the Value field, enter /topic

Click the blue +Add button

The editor window should be as displayed below.

Now we need to apply the IP restriction.

From the first drop menu, select Client IP

For the second drop down box, select != (this means, "does not equal")

In the Value box, enter the IP, 12.12.12.12

Click the blue +Add button.

The editor box should now appear as below:

This logic states that if the URL is /topic and the Client IP is not 12.12.12.12, the execute the action.

The next step is to define the action.

From the Action menu, select Security and then Block Request.

Give the rule a name within the Rule Name box and click Save.

The rule should look like the following when you are done.

Hi,

I want to limit some page(url) could only access with specific ip.

ex: www.google.com/topic, could only access by 12.12.12.12

How should I setting on cloud waf to meet my needs?