Creating ACL rules

You can create and customize your access control lists (ACL, i.e. whitelist/blacklist) using classless inter-domain routing/internet protocol (CIDR/IP) and/or geolocation rules. 

You can create up to 500 rules for each domain, whitelist and blacklist combined. These rules will be applied across all CDNs.

To create ACL rules, navigate to ' Origin Shield' > 'Access control'. 

You need to set the target domain from the ‘ Operation level panel’.

On the header you will see the total amount of rules that you have used for this domain.

CIDR/IP rule

To create a CIDR/IP rule, select either 'Whitelist' or 'Blacklist', then click the 'Add CIDR/IP' button.

You can enter multiple CIDR/IP entries in the entry field. Each line will use up one rule.

After hitting the 'Save' button, the rule should be applied immediately for your domain across all CDNs.

Geolocation rule

To create a geo rule, select either 'Whitelist' or 'Blacklist', then click the 'Add geo' button.

You can select whether you like to ‘include’ or ‘exclude’ the locations that you will select. 

For blacklist

  • choosing ‘Include selected location’ -  will include ALL the chosen locations to the blacklist.
  • choosing ‘Exclude selected location’ -  will include ALL the unchosen locations to the blacklist.

For whitelist:

  • choosing ‘Include selected location’ -  will include ALL the chosen locations to the whitelist.
  • choosing ‘Exclude selected location’ -  will include ALL the unchosen locations to the whitelist.

Each location will use up one rule.

After hitting the 'Save' button, the rule should be applied immediately for your domain across all CDNs.

If there are the same CIDR/IP or geolocation rule in both blacklist and whitelist, the whitelist takes precedence over the blacklist. Also, CIDR/IP rules take precedence over geolocation rules.