Custom access control rules - - Alibaba Cloud Documentation Center

Custom rules allow you to control user access to resources on your website. To create a custom rule for your website, specify the match conditions and action such as block or monitor that you want to perform on incoming requests that meet the conditions.

Create a custom rule

Log on to the ESA console.
In the left-side navigation pane, click Websites.
On the Websites page, find the website that you want to manage, and click the website name or View Details in the Actions column.
In the left-side navigation tree, choose Security > WAF. The Custom Rules tab is displayed.
On the Custom Rules tab, click Create Rule.
- On the page that appears, specify Rule Name.
- Specify the characteristics of requests in the If requests match... section. For more information, see WAF.
- Specify the action that you want to perform in the Then execute... section. For more information, see WAF.
Click OK.

Configuration example

The following figure shows a sample custom rule. This rule specifies that if the requested hostname is www.example.com and client IP address is 123.123.XX.XX, the request is blocked, and the default HTTP 403 error page is returned.

Feature availability

Feature	Basic	Standard	Advanced	Enterprise
Custom rules	5	20	100	200