This criterion lets you match based on an IP address, a range of IP addresses, or a CIDR block. Use it to deny access to particular end users.
To use this criterion to match end-user IP addresses, apply it together with the Request Type match set to CLIENT_REQ.
You can select the following logical conditions:
|Value||The Rule is True When...|
|is one of||the incoming request includes any of the IP addresses or CIDR blocks you provided.|
|is not one of||the incoming request does not include any of the IP addresses or CIDR blocks you provided.|
Enter the IP addresses and CIDR blocks in the text box provided. For example:
For a large number of values, you can paste the addresses and separate them with a space, comma, or carriage return.
Consider X-Forwarded-For IP. You can select whether to use the client IP address from the connecting IP address or the X-Forwarded-For header value.
When a client connects to the edge platform using an HTTP proxy or a load balancer, the X-Forwarded-For (XFF) HTTP header identifies the originating IP address of that client.
Updated 3 months ago