Web Application Security: White / Blacklist Support for Visitor IP's
I would like to see an option to deny or allow certain ip adresses that can access the webservers. Not only based on country but on the ip adres itself.
otto mayer commented
would be great to block attackers automatically for a time
I would like to have this too. Now you have to use the ip/domain restrictions on the webserver itself. It would be logical to manage this on the UTM itself.
Cant you just do a Hacker(group) -> External Interface(group) -> NAT -> Blackhole(IP) ?
Stephan Krol commented
We need this featuere also very much.
This feature is really needed, currently there doesn't seem to be a good way of blacklisting malicious IPs
isn't that the same as the feature-request
"Source IP restriction for website / paths" (ID 3150641).
If not... we also need to restrict access to a single (or range of) host(s).
That's useful for outsourced *********** tests in order to enable
that company to perform tests under real conditions before a
portal get's productive.
Best regards, Uwe
We also require this feature. It's quite hard to explain to management how the firewall which we've purchased to protect our webserver can't restrict access based on ip address. Could it be implemented similar to the "Automatic Firewall Rule" option when creating NAT rules?
i would suggest that this is a wonderful idea
dieter schenk commented
we need it too
I think a must have, many customers want that
This would be a great feature, I have a website that is allowed access from only 1 IP address, because soap commands are coming in from one webserver. Now I have to arrange that with NAT, but I miss the security that the reverse proxy server provides.
Would be really nice to have this feature. While one can set this in apache on each web server, the appropriate place is on the reverse proxy.
It is very importnt for my company to add a feature to WAF for limit web trafic from certain IPs
May be useful to add a feature to WAF so that it can process only web trafic from certain IPs