About Request Control

The Request Control Cloudlet allows you to provide conditional access to your website or application by defining and managing allow lists and deny lists based on a number of match criteria, including the IP address and/or geography associated with incoming requests. In addition, you can have a branded 403 (Forbidden) page display when a user is denied access.

The default for Request Control is to give access to all requests. You use your rules to restrict access.

Workflow

Here are diagrams that show how Request Control works.

For the allow list example, when a visitor requests a page and the IP address or geography is allowed based on the rules, that visitor can view the page. If the visitor's IP address or geography is not included in the rules, that visitor will receive a 403 (Forbidden) error.

Conversely, for a deny list, if a visitor requests a page from an IP address or geography that's denied based on the rules, the visitor will receive a 403 error.

The default for Request Control is to allow access to all requests. You need to set up rules in order to restrict access.

Allow list example

[Diagram: allow list example]

Deny list example

[Diagram: deny list example]
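The allow list and deny list behaviour described above, together with the date-range and Always On options, as an added example that is not Akamai's code or policy format. The `Rule` and `decide` names, the first-match ordering, the treatment of an unmatched request, and the sample addresses and country codes are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass
class Rule:
    action: str                        # "allow" or "deny"
    cidrs: tuple = ()                  # IP ranges in CIDR form
    countries: tuple = ()              # two-letter country codes
    start: Optional[datetime] = None   # start/end both None = always on
    end: Optional[datetime] = None

    def active(self, now: datetime) -> bool:
        return ((self.start is None or now >= self.start)
                and (self.end is None or now <= self.end))

    def matches(self, ip: str, country: str) -> bool:
        addr = ip_address(ip)
        return (any(addr in ip_network(c) for c in self.cidrs)
                or country in self.countries)


def decide(rules, ip: str, country: str, now: datetime) -> int:
    """Return 200 if the request is served, 403 if it is denied."""
    active = [r for r in rules if r.active(now)]
    for rule in active:                # assumption: first matching rule wins
        if rule.matches(ip, country):
            return 200 if rule.action == "allow" else 403
    # Nothing matched. If an allow list is in force, unlisted visitors get
    # a 403; with no rules or only deny rules, the default is to allow.
    return 403 if any(r.action == "allow" for r in active) else 200


# Constructed sample policies (documentation IP ranges, placeholder geo "ZZ").
ALLOW_LIST = [Rule("allow", cidrs=("203.0.113.0/24",), countries=("US",))]
DENY_LIST = [
    Rule("deny", cidrs=("198.51.100.0/24",)),                # always on
    Rule("deny", countries=("ZZ",),                          # custom date range
         start=datetime(2024, 1, 1), end=datetime(2024, 1, 31)),
]

if __name__ == "__main__":
    now = datetime(2024, 1, 15)
    for name, rules in (("allow list", ALLOW_LIST), ("deny list", DENY_LIST)):
        for ip, geo in (("203.0.113.7", "FR"), ("198.51.100.9", "FR"),
                        ("192.0.2.1", "ZZ")):
            print(name, ip, geo, decide(rules, ip, geo, now))
```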

Use cases

The Request Control Cloudlet supports these use cases:

Use Case

Description

Blocking Requests

Illegitimate Requests

If there is a set of IP addresses that are from illegitimate sources, you can set up a simple IP blacklist to prevent requests from these IP addresses.

Support for Business Objectives

You may want to block certain geographies for the following reasons:

  • You have a site that is for a specific country with offerings and pricing tailored to that country.
  • A geographic location is not important to your current business objectives.

Malicious Traffic

You may want to block geographic locations known to have a higher percentage of malicious traffic.

To temporarily block a geography with suspected malicious traffic, set up a rule with a custom date range.

If a geography is consistently the source of malicious traffic, select Always On when configuring the rule.

Allowing Requests

Test/Staging Environments

If you have a test or staging environment, you want to set up rules that allow access only to the customers or vendors that should have access to these non-production environments.

You can also set up a whitelist for IP addresses that are part of your local network before a site/property is made public. This will ensure privacy before the site is officially launched.

Monitoring Tools

If you use monitoring tools (like Keynote), you will want to allow access to the IP addresses provided by the monitoring service.

Sites targeted to a specific geographic region

If you have a site that's specific to a certain geographic region, you may want to set up a whitelist to avoid incurring the cost of delivering traffic from regions outside the target audience.

To learn more about Cloudlets basics, see:

  • How Cloudlets work
  • Cloudlets terminology
  • Property and Cloudlet policy considerations