Link11 WAAP
v2.16
v2.16
  • Link11 WAAP v2.16 Portal
  • Introduction
  • Getting Started
  • Setup Checklists
  • Marketplace onboarding
  • Console UI Walkthrough
    • General UI flow
    • Traffic
      • Traffic Concepts
      • Dashboard
      • View Log
    • Security
      • Security Section Concepts
      • Dynamic Rules
      • Quarantined
      • Profiles
        • Profile Concepts
        • Profiles
        • ACL Policies
        • WAF/IPS Policies
        • Custom Signature
      • Args Analysis
      • Tag Rules
      • Rate Limiting
      • Cloud Functions
    • Settings
      • Web Proxy
      • Backend Services
      • Error Pages
      • SSL
      • DNS
      • Planet Overview
      • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Using the Reblaze Query Box
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Ban, Unban, and Whitelist Traffic Sources
      • Bypass Rate Limits for Loadtesting
      • Control Caching Behavior
      • Filter by Content
      • Quickly Block an Attacker
      • Secure Traffic from a Third-Party Page
      • Set Rate Limits and Exemptions
      • Set up SIEM/SOC integration
      • Video Tutorials
        • DNS Training
    • API
      • Reblaze REST API
      • Mobile SDK
  • Reference Information
    • Access log-structure
    • Acronyms
    • Deployment Terminology
    • Hostile Bot Detection / RCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Pattern Matching Syntax
    • Signatures
    • Tags
    • TTL Expression Syntax
  • Support
Powered by GitBook
On this page
  • Overview
  • Main Display
  • Banlist
  • Simulation Banlist
  • Blacklist
  • Whitelist
  • Managing Requestors on the Lists
  • Adding an Entry
  • Transferring an Entry
  • Removing an Entry
  • Automatic Removal
  • Manual Removal

Was this helpful?

Export as PDF
  1. Console UI Walkthrough
  2. Security

Quarantined

Administer the lists of which requestors are banned and/or permitted access

PreviousDynamic RulesNextProfiles

Last updated 3 years ago

Was this helpful?

Overview

The quarantined section will show requestors that have been banned for violation of the and rules, requestors that have been blacklisted, and requestors that have been whitelisted. You can add and remove requestors, and transfer them among the various lists.

Main Display

There are four lists of requestors in this section:

  1. Banlist

  2. Simulation Banlist

  3. Blacklist

  4. Whitelist

Each is described in more detail below.

For each entry, it's possible to see the following: IP address, origin country, AS number, the violation that was triggered, "CNT/Limit" (the number of violations compared to the allowable limit), when the ban began, and when the ban will expire.

Banlist

All requests from these requestors are currently being rejected. These requestors violated a rule that was set to “Ban” mode.

Simulation Banlist

These requestors are NOT having all their requests rejected. These requestors violated a rule that was set to “Simulated Ban” mode. Simulated Bans are used mainly for testing new rules and seeing how they function, before converting those rules to Ban mode.

Blacklist

All requests from these requestors are currently being rejected. These requestors were placed here by a Reblaze admin.

Whitelist

These requestors are exempted from the Dynamic Rules and Rate Limiting Rules. For example, even if they violate a rate limit, they will not be banned.

Managing Requestors on the Lists

Adding an Entry

Banlist and Simulation Banlist

Requestors are added to the Banlist and Simulation Banlist automatically when they violate a Dynamic Rule or Rate Limiting Rule.

Blacklist and Whitelist

You can add a requestor manually to the Whitelist or Blacklist using the "Add New Entry" option in the section menu. This is demonstrated in the following video:

The fields are:

Field Name

Description

Type

Cookie, Country, ASN, IP, Request Body, Request Header.

Name

Will appear for specific types: Cookie (Name), Headers, etc.

Value

The value which will activate the blacklisting. For example, when Type is "IP", the blacklistable IP address would be entered here.

Reason

User description of the reason for adding this entry.

Expiration

The expiration of the entry, in Hours or Minutes (only relevant for blacklists).

Transferring an Entry

Requestors can be transferred among the various lists with this procedure:

  1. Select the requestor(s) by checking the box at the left of each entry.

  2. Open the section menu.

  3. Choose the desired "Move to" command (e.g., "Move to Whitelist").

Moving an item to the Banlist can only be done from the Simulation Banlist.

Removing an Entry

Automatic Removal

Requestors on the Banlist, Simulation Banlist, or Blacklist will be automatically removed when their expiration time is reached. (The Whitelist has no expiration time.)

Manual Removal

Requestors can be manually removed from the list they are currently on:

  1. Select the requestor(s) by checking the box at the left of each entry.

  2. Choose "Delete".

On the right part of the screen is the section menu, invoked via the button with three vertical dots:. Depending on context, the section menu will offer the management abilities described below.

Open the section menu by clicking on its button ().

Dynamic Rules
Rate Limiting
Adding new entry - Example
Quarantined requestors