You can configure whitelist rules to allow requests with the specified characteristics, exempting them from all or certain rules, including custom rules, rate limiting rules, managed rules, scan protection rules, and bot management rules.
Create a whitelist rule
In the ESA console, choose Websites and click the website name you want to manage.
In the left-side navigation pane of your website details page, choose . On the WAF page, click the Whitelist Rules tab.
On the Whitelist Rules tab, click Create Rule.
On the page that appears, specify Rule Name.
Specify the conditions for matching incoming requests in the If requests match... section. For more information, see Work with rules.
Specify the rules that you want to skip in the Then skip... section.
All Rules: All Web Application Firewall (WAF) and bot management rules are skipped.
Certain Rules: You can select specific rules that you want to skip. If you select Managed Rules from the drop-down list, you can specify the type such as SQL injection or ID of the rule that you want to skip.
Click OK.
Availability
Feature | Entrance | Pro | Premium | Enterprise |
Whitelist rules | 2 | 3 | 5 | 10 |