The Request Control Cloudlet allows you to provide conditional access to your website or application by defining and managing allow lists and deny lists based on a number of match criteria, including the IP address and/or geography associated with incoming requests. In addition, you can have a branded 403 (Forbidden) page display when a user is denied access.
The default for Request Control is to give access to all requests. You use your rules to restrict access.
The default for Request Control is to give all requests access. You use your rules to restrict access.
Here are diagrams that show how Request Control works.
For the allow list example, when a visitor requests a page and the IP address or geography is allowed based on the rules, that visitor can view the page. If the visitor's IP address or geography is not included in the rules, that visitor will receive a 403 (Forbidden) error.
Conversely, for a deny list, if a visitor requests a page from an IP address or geography that's denied based on the rules, the visitor will receive a 403 error.
The default for Request Control is to allow access to all requests. You need to set up rules in order to restrict access.
The Request Control Cloudlet supports these use cases:
If there is a set of IP addresses that are from illegitimate sources, you can set up a simple IP blacklist to prevent requests from these IP addresses.
Support for Business Objectives
You may want to block certain geographies for the following reasons:
You may want to block geographic locations known to have a higher percentage of malicious traffic.
To temporarily block a geography with suspected malicious traffic, set up a rule with a custom date range.
If a geography is consistently the source of malicious traffic, select Always On when configuring the rule.
If you have a test or staging environment, you want to set up rules that allow access only to the customers or vendors that should have access to these non-production environments.
You can also set up a whitelist for IP addresses that are part of your local network before a site/property is made public. This will ensure privacy before the site is officially launched.
If you use monitoring tools (like Keynote), you will want to allow access to the IP addresses provided by the monitoring service.
Sites targeted to a specific geographic region
If you have a site that's specific to a certain geographic region, you may want to set up a whitelist to avoid incurring the cost of delivering traffic from regions outside the target audience.
Updated 2 months ago