Blacklist (Domain)
This blacklist is a domain blacklist, different from the global blacklist. The domain blacklist only takes effect for the current domain.
The domain blacklist can block access requests from specified IP addresses or addresses within a range. Requests blocked by the blacklist, UWAF will record HTTP 444 status code. The domain blacklist is controlled by the on-off switch of the blacklist and whitelist, and only takes effect when the blacklist and whitelist are turned on.
For the priority of various rules, please refer to [rule priority](/docs/uewaf/features/rule/mode#rule priority).
Rule list
The rule list shows all the blacklist rules under the domain. You can query rules according to notes, or modify or delete rules.
| Parameter | Description |
|---|---|
| Rule name | The name of the blacklist rule, it can be any English or Chinese characters encapsulated |
| IP content | The specific IP address contained in the rule, it can be an IP range or CIDR network |
| IP type | The type of IP address in the rule |
| Action | Block or captcha |
| Add method | Manually add or automatically added by malicious IP banning rules |
| Add time | The generation time of the rule |
| Expiration time | The expiration time of the rule, the rule will be invalid after this time |
| Status | Active or expired, only active rules have protection effect |
| Operation | Edit or delete, rules can be modified or deleted |
Add a blacklist
Customize the addition of domain blacklist rules
Rule parameter description
| Parameter | Description |
|---|---|
| IP type | The type of IP address in the rule |
| IP content | The specific IP address contained in the rule, it can be an IP range or CIDR network |
| Action | Block or captcha ● Intercept: Stops matched requests from accessing all paths under the domain ● CAPTCHA: Responds with a CAPTCHA validation page when matched requests are found. If the validation fails, it will be intercepted. If the validation passes, it will not respond with a CAPTCHA validation page again within 10 minutes |
| Valid time | You can set the effective time of the rule or never expire |
| Remarks | Annotations rules, can quickly search rules in the case of many rules |
!> Attention:
1 Please select the domain to be added before adding a domain blacklist;
2 The whitelist added is an IP address. If the blacklist added contains the IP address of the whitelist, the whitelist will only release the specified IP address, and the other same network segment IPs will still be intercepted.
Delete blacklist
After deleting the record of the blacklist, it will no longer intercept or return a verification code page to the IPs or IP ranges in this rule.
Blacklist description
- The maximum number of custom blacklists for each domain is referenced from [performance and quota comparison](/docs/uewaf/steer/version_selection#performance and quota comparison). Each entry can contain 200 IP or IP segments;
- The maximum number of malicious IP blocks added to the blacklist is 10,000. The same malicious IP that triggers the rules within a minute will be merged and added to the blacklist.