The Gcore Customer Portal is being updated. Screenshots may not show the current version.
Chosen image

Tag rules

As part of the WAAP custom rules, you can create rules based on specific tags to filter incoming traffic. A tag contains information about a user and is attached to their request. Tag rules are just one component of our robust rule engine.

Types of tag rules

You can use two types of tag rules:

  • Tag-based rules. Create rules using our predefined set of tags.

  • Tag-generating rules. You can create rules that will generate tags based on specific conditions. For example, if the request contains a certain header, tag such request as "tagname". These generated tags are also known as "user-defined tags" and they can be used to modify custom rules and create more complex ones.

We recommend inspecting the details of your WAF requests before creating tag-based rules. These details contain information about user activity, which can clarify which tags should be used for filtering traffic.

Tag-based rules

We offer a predefined set of tags that you can use to create tag-based rules. These tags should be added to “if/then” statements of your rule and let you block or allow certain requests to a domain.

For example, check the following tag-based rule that blocks traffic if the tag associated with the request contains Hosting Services. You might want to prevent such traffic from reaching your domain because these IPs are more likely to belong to automated users rather than humans.

Example of a tag-based rule

Tag generating rules

You can also create rules that will generate any tags of your choice based on the conditions you define. These generated tags are known as user-defined tags.

Once you create a user-defined tag, it’s automatically added to the list of pre-defined tags and becomes available for use in a tag-based rule.

For example, let's say you run an online shop that requires users to log in before checking out an order. You can create a rule that will generate a custom tag called validuser if the request header named set-cookie contains a cookie named mycookie, which indicates that the user is logged in.

In this case, validuser will be your new user-defined tag that's now available for use in a tag-based rule.

Consider that rules with user-defined tags run before the rules, which use our pre-defined sets of tags.

Was this article helpful?