# Ban, unban, and allowlist traffic sources

The [Quarantine](https://waap.docs.link11.com/console-walkthrough/security/quarantined) section shows a list of traffic sources (i.e., sources of incoming requests) that are currently banned, blocklisted, and allowlisted.&#x20;

## How to ban a requestor

A traffic source is banned automatically when it violates a [Dynamic Rule](https://waap.docs.link11.com/console-walkthrough/security/dynamic-rules).&#x20;

You cannot manually move a traffic source into quarantine. Instead, you can create a Dynamic Rule to do it for you. The Dynamic Rule's parameters should be as follows:

* It should be active (in other words, the *Inactive* toggle should not be selected).
* *Target* should be set to `IP`
* *Number of events* should be 0
* *Action* should be a blocking action (e.g., `Dynamic-rule block`)
* *Quarantine Time* should be the length of time you wish the ban to last
* The *Exclude* list should be empty
* The *Include* list should not contain `all`
* The *Include* list should contain the tag(s) that will uniquely identify requests coming from the traffic source.

## How to unban a requestor

Manually removing a requestor from quarantine is discussed here: [Cancelling quarantines and preventing False Positives](https://waap.docs.link11.com/console-walkthrough/security/quarantined#cancelling-quarantines-and-preventing-false-positives).

## How to allowlist a requestor

To exempt a traffic sources from potential quarantine, add identifying tags to the [**Exclude** list in the active Dynamic Rules](https://waap.docs.link11.com/console-walkthrough/security/dynamic-rules#include-and-exclude).

To exempt a traffic source from other stages of filtering, do one of the following:

* To bypass all stages of filtering, follow the steps described here: [Bypass Link11 WAAP for Loadtesting or Other Purposes](https://waap.docs.link11.com/using-the-product/how-do-i.../bypassing-rate-limits-for-loadtesting).
* To exempt requests only from bot challenges or content filtering, configure an [ACL Profile](https://waap.docs.link11.com/console-walkthrough/security/acl-policies) with appropriate tag(s) in the *Bypass* list, then use a [Security Policy](https://waap.docs.link11.com/console-walkthrough/security/security-policies) to assign that ACL Profile to the desired paths/URLs.
* To exempt requests only from bot challenges, configure an [ACL Profile](https://waap.docs.link11.com/console-walkthrough/security/acl-policies) with appropriate tag(s) in the *Bot Challenge / Skip* list, then use a [Security Policy](https://waap.docs.link11.com/console-walkthrough/security/security-policies) to assign that ACL Profile to the desired paths/URLs.