Whitelist rules allow you to permit requests with specific characteristics. These requests bypass all or certain protection rules, such as custom rules, rate limiting, managed rules, scan protection, and bot management.
Create a whitelist rule
In the ESA console, go to Websites. In the Actions column for the target site, click
> WAF.On the website details page, navigate to .
On the Whitelist Rules tab, click Create Rule.
Enter a Rule Name.
In the If requests match... section, specify the request characteristics. For more information, see Composition of a rule expression.
In the Then skip... section, specify the protection rules to skip.
All Rules: Bypasses all WAF and bot management rules.
Specific Rule Category/ID: Select rules to bypass. For example, for managed rules, you can enter a rule ID of specify a rule type, such as bot management or rate limiting.
Click OK.
Availability
Quota | Entrance | Pro | Premium | Enterprise |
Number of whitelist rules | 2 | 3 | 5 | 10 |