forked from docs/doc-exports
qiaoli
46c8216518
Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com> Co-authored-by: qiaoli <qiaoli@huawei.com> Co-committed-by: qiaoli <qiaoli@huawei.com>
3.8 KiB
3.8 KiB
How Do I Allow Requests from Only IP Addresses in a Specified Geographical Region?
If you allow only IP addresses in a region to access the protected domain name, for example, only IP addresses from Australia can access the protected domain name, take the following steps:
Geolocation access control rules have higher priority than built-in WAF rules. If you configure a geolocation access control rule to allow IP addresses from a certain location, WAF then forwards traffic from those IP addresses without performing basic web protection checks.
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project. - Click
in the upper left corner and choose Web Application Firewall (Dedicated) under Security. - In the navigation pane on the left, choose Policies.
- Click the name of the target policy to go to the protection configuration page.
- In the upper left corner above the Geolocation Access Control list, click Add Rule.
- Add a geolocation access control rule: Select Australia for Geolocation and select Allow for Protective Action.Figure 1 Selecting Allow for Protective Action
- In the upper left corner above the Precise Protection rule list, click Add Rule. Configure a precise protection rule to block all requests.Figure 2 Blocking all access requests
Parent topic: Protection Rules