Network ACLs
Network ACLs enable fine-grained control per client IP address. Leveraging Network ACLs you can create lists to block offending IP addresses or allow certain IP addresses in a protected domain or URL.
Use cases
Offices that restrict access to administrative domains
Blocking bad actors directly on the edge
Preventing web scrapping from certain IP addresses
Bypass Transparent Edge WAF or Bot Mitigation for secure addresses
Create and manage Network ACLs
Login into the dashboard and look for the "IP Lists" button section in the left side panel.
This sections allows you to create, delete and modify network ACL lists.
How to use a Network ACL
First, take note of the name of the Network ACL, for example acl_c4_mylist
.
Now, create a new VCL configuration cloning the last one.
Modify and adapt one of the below examples for your use case.
Deny list example
Use the following conditional to combine multiple deny lists together:
Allow list example
Here we just inverted the condition to transform this into an allow list (only the IPs present in the ACL will be accepted)
Use the following conditional to combine multiple allow lists together:
Manage lists via API
Lists can also be managed using our API.
Please check our API docs for the details of the endpoints.
Query lists
GET
/v1/companies/<COMPANY_ID>/lists
GET
/v1/companies/<COMPANY_ID>/lists/<LIST_ID>
Create a list
POST
/v1/companies/<COMPANY_ID>/lists
Example payload, always use the service id 5, as that is the service for auto-provision:
Update a list
Add IPs
POST
/v1/companies/<COMPANY_ID>/lists/<LIST_ID>/<IP>/<PREFIX>
Example:
/v1/companies/4/lists/25/1.1.1.1/32
Delete IPs
DELETE
/v1/companies/<COMPANY_ID>/lists/<LIST_ID>/<IP>/<PREFIX>
Last updated