API
The Gcore Customer Portal is being updated. Screenshots may not show the current version.
WAAP
WAAP
About WAAPBilling
Configure WAAP for a domainWAAP modesManage domains protected with WAAP
Protocol validationWAF and OWASP top threatsIP reputationBehavioral WAFAnti-automation and bot protectionCMS protectionCommon automated servicesAdvanced API protection
Allow and block IP addresses in firewall
Configure API access with reserved tags
Advanced rate limiting rulesAdvanced rule objects and attributesSource field objects
Create and manage custom rules
Reserved tagsPredefined tags
Create custom response pagesManage custom response pages
How does JavaScript injection work?What cookies are used by WAAP?What storage variables does WAAP use?
Enable and troubleshoot bot protectionTroubleshoot blocked usersTroubleshoot 5xx errors
API
Chosen image
Home/WAAP/WAAP rules/Custom rules/Tag rules

Tag rules

As part of the WAAP custom rules, you can create rules based on specific tags to filter incoming traffic. A tag contains information about a user and is attached to their request. Tag rules are just one component of our robust rule engine.

Types of tag rules

You can use two types of tag rules:

  • Tag-based rules. Create rules using our predefined set of tags.

  • Tag-generating rules. You can create rules that will generate tags based on specific conditions. For example, if the request contains a certain header, tag such request with tagname. These generated tags are also known as user-defined tags and they can be used to modify custom rules and create more complex ones.

We recommend inspecting the details of your WAAP requests before creating tag-based rules. These details contain information about user activity, which can clarify which tags should be used for filtering traffic.

Tag-based rules

We offer a predefined set of tags that you can use to create tag-based rules. These tags should be added to “if/then” statements of your rule and let you block or allow certain requests to a domain.

For example, check the following tag-based rule that blocks traffic if the tag associated with the request contains Hosting Services. You might want to prevent such traffic from reaching your domain because these IPs are more likely to belong to automated users rather than humans.

Example of a tag-based rule

Tag generating rules

You can also create rules that will generate any tags of your choice based on the conditions you define. These generated tags are known as user-defined tags.

Once you create a user-defined tag, it’s automatically added to the list of pre-defined tags and becomes available for use in a tag-based rule.

The following examples demonstrate how you can apply user-defined tags.

Let's say you run an online shop that requires users to log in before checking out an order. You can create a rule that will generate a custom tag called validuser if the request header named set-cookie contains a cookie named mycookie, which indicates that the user is logged in.

Example of a tag-based rule

In this case, validuser will be your new user-defined tag that's now available for use in a tag-based rule.

Example of a tag-based rule

Consider that rules with user-defined tags run before the rules, which use our pre-defined sets of tags.

For more examples of tag generating rules, check out the Reserved tags (user-defined) guide.

Was this article helpful?

Edit on GitHub