chaitin / SafeLine

serve as a reverse proxy to protect your web services from attacks and exploits.
https://waf.chaitin.com
GNU General Public License v3.0

[Suggestion] only specific ip address group or rule can access a website #1073

Closed channchetra closed 2 months ago

channchetra commented 2 months ago

What would you like to be added or improved?

We would like the ability to restrict access to specific websites by defining an IP address group or rule. This feature should allow only designated IP addresses, such as office IPs, VPN IPs, or IP addresses from certain geographical regions, to access the website, while denying all other traffic or redirecting it to an alternate domain.

Examples of the desired functionality:

  1. Domain: cms.example.com
     • Access should be restricted to a predefined group of IP addresses (e.g., office IP addresses or VPN IPs). All other traffic should be denied access.
  2. Domain: store1.example.com

Why is it needed?

This feature is crucial for improving security and controlling access to sensitive parts of the platform. Some scenarios where this is particularly needed include:

  1. Superadmin access: For domains used by superadmins (e.g., cms.example.com), access should be limited to specific IP addresses, such as office IPs or VPN IPs, for security purposes.

  2. Protected platforms: Some platforms like SafeLine, which operates on 101.102.103.5:9443 or waf.example.com, should only be accessible by office or VPN IP addresses. Public access should be strictly denied for enhanced security.

xbingW commented 2 months ago

At present, the above functions are already supported. You can add a blacklist that denies all IPs, and then add a whitelist that allows specific IPs. In the rule conditions, you can use Host = xx.com to match specific sites. For geographical location-based access control, the professional version also supports
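
The deny-all blacklist plus Host-scoped whitelist described in the reply above, modelled as an added example that is not part of the thread and is not SafeLine's code or rule format. The rule layout, the function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample policy. The rule layout is an assumption for this sketch,
# not SafeLine's configuration format.
RULES = [
    # Whitelist: office range and one VPN exit address (constructed values).
    {"action": "allow", "host": "cms.example.com",
     "sources": ["203.0.113.0/24", "198.51.100.7/32"]},
    # Blacklist: every IPv4 and IPv6 source for the same site.
    {"action": "deny", "host": "cms.example.com",
     "sources": ["0.0.0.0/0", "::/0"]},
]

def normalize_host(host_header):
    """Lower-case the Host header value and drop any :port suffix."""
    host = host_header.strip().lower()
    if host.startswith("["):                      # bracketed IPv6 literal, e.g. [::1]:8443
        return host[1:].partition("]")[0]
    return host.rsplit(":", 1)[0] if ":" in host else host

def source_matches(client_ip, cidrs):
    """True if client_ip falls inside any of the CIDR ranges."""
    ip = ipaddress.ip_address(client_ip)
    for cidr in cidrs:
        net = ipaddress.ip_network(cidr)
        if net.version == ip.version and ip in net:
            return True
    return False

def decide(client_ip, host_header, rules=RULES):
    """Return 'allow', 'deny', or 'no-match' when no rule applies to this Host."""
    host = normalize_host(host_header)
    hits = [r["action"] for r in rules
            if r["host"] == host and source_matches(client_ip, r["sources"])]
    if "allow" in hits:        # the whitelist overrides the deny-all blacklist
        return "allow"
    if "deny" in hits:
        return "deny"
    return "no-match"          # the Host condition did not match any rule
```

In this model a request whose Host value is not the configured hostname, including a bare IP address and port, returns `no-match`, so the hostname-scoped rules neither allow nor deny it.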

channchetra commented 2 months ago

> At present, the above functions are already supported. You can add a blacklist that denies all IPs, and then add a whitelist that allows specific IPs. In the rule conditions, you can use Host = xx.com to match specific sites. For geographical location-based access control, the professional version also supports

Thank you so much, but one more thing: currently I can protect waf.xample.com, but how can we protect 101.102.103.5:9443?