Blocking Part of a Website¶
You can enable blocking of a part of a website by using the Wallarm-NGINX
configuration file.
To enable blocking, use the directives:
-
location
– an NGINX directive. -
wallarm_mode block
– a Wallarm directive.
Configuring blocking of a part of a website:
-
Open for editing the configuration file in the
/etc/nginx‑wallarm
directory. -
Set the blocking rules in the
$wallarm_mode_real
variable and the location to apply the rules in thelocation
block:http { ... geo $wallarm_mode_real { default block; 1.1.1.1/24 monitoring; 2.2.2.2 off; } ... server { ... location /<some_location>/ { wallarm_mode $wallarm_mode_real; } } }
The blocking rules in the
$wallarm_mode_real
variable apply to requests that target URLs containing/some_location/
as substrings:default block
— by default, process all the requests and block all the attacks;1.1.1.1/24 monitoring
— process all the requests coming from an IP address from the «1.1.1.1» — «1.1.1.254» pool, but do not block any, even if an attack is detected;2.2.2.2 off
— do not filter any requests coming from the «2.2.2.2» IP address.
Disable Blocking of the Wallarm Scanner IP Addresses
Note that if you use the blocking mode by default (default block;
) when detecting malicious requests, you must explicitly specify for the Wallarm scanner a list of IP addresses from which requests should not be blocked.
You can read more about disabling the blocking mode for scanner IP addresses here.