Blocking Part of a Website¶

You can enable blocking of a part of a website by using the Wallarm-NGINX
configuration file.

To enable blocking, use the directives:

location – an NGINX directive.
wallarm_mode block – a Wallarm directive.

Configuring blocking of a part of a website:

Open for editing the configuration file in the /etc/nginx-wallarm directory.
Set the blocking rules in the $wallarm_mode_real variable and the location to apply the rules in the location block:
```
http {
    ...
    geo $wallarm_mode_real { 
        default block;
        1.1.1.1/24 monitoring;
        2.2.2.2 off;
    }
    ...
    server {
        ...
        location /<some_location>/ { 
            wallarm_mode $wallarm_mode_real;
        }
    } 
}
```
The blocking rules in the $wallarm_mode_real variable apply to requests that target URLs containing /some_location/ as substrings:
- default block — by default, process all the requests and block all the attacks;
- 1.1.1.1/24 monitoring — process all the requests coming from an IP-address from the «1.1.1.1» — «1.1.1.254» pool, but do not block any, even if an attack is detected;
- 2.2.2.2 off — do not filter any requests coming from the «2.2.2.2» IP-address.

Disable Blocking of the Wallarm Scanner IP Addresses

Note that if you use the blocking mode by default (default block;) when detecting malicious requests, you must explicitly specify for the Wallarm scanner a list of IP addresses from which requests should not be blocked.

You can read more about disabling the blocking mode for scanner IP addresses here.