Update custom rules for customers or partners
You may want to adjust your custom rules to increase access by customers or partners.
Potential examples include:
- Removing rate limiting for an API
- Sharing brand assets and marketing materials
If a customer or partner is large enough, you could set up a custom rule based on an autonomous system number (ASN) ↗.
This example uses:
- The
ip.geoip.asnumfield to specify the general region. - The
cf.bot_management.scorefield to ensure partner traffic does not come from bots.
Example rule:
- Expression:
(ip.geoip.asnum eq 64496 and cf.bot_management.score gt 30) - Action: Skip:
- All remaining custom rules
This example uses:
- The
ip.geoip.asnumfield to specify the general region. - The
cf.threat_scoredynamic field to ensure requests are not high-risk traffic.
If a request meets these criteria, your custom rule skips User Agent Blocking rules.
- Expression:
(ip.geoip.asnum eq 64496 and cf.threat_score lt 14) - Action: Skip:
- User Agent Blocking
For smaller organizations, you could set up custom rules based on IP addresses.
This example:
- Specifies the source IP address and the host.
- Uses the
cf.bot_management.scorefield to ensure requests are not high-risk traffic.
Example rule:
- Expression:
(ip.src eq 203.0.113.1 and http.host eq "example.com" and cf.bot_management.score gt 30) - Action: Skip:
- All remaining custom rules
This example specifies the source IP address and the host.
If a request meets these criteria, it will skip rate limiting rules.
- Expression:
(ip.src eq 203.0.113.1 and http.host eq "example.com") - Action: Skip:
- All remaining custom rules