Creating, editing, and deleting firewall rules
IBM Cloud® Internet Services firewall rules offer power and flexibility by targeting HTTP traffic and applying custom criteria to block, challenge, log, or allow certain requests.
You can create many types of firewall rules. However, the number of active rules on your site is limited by your customer plan. See the Plan comparison page for more information on entitlements.
The number of active rules per plan is fixed. You cannot purchase additional active rules at this time.
Before getting started, it's a good idea to become familiar with Using fields, functions, and expressions.
Creating a firewall rule
Take the following steps to configure a basic firewall rule:
-
Navigate to Security > Firewall Rules.
-
Click Create Firewall Rule.
-
Enter a rule name and optional description.
-
Optionally, input a priority, if necessary. Note that a priority of zero is a null priority and is evaluated last.
-
Use the UI builder in the Incoming requests section to add a condition. To build an expression with multiple conditions, click either:
- And - to evaluate conditions using and logic
- Or - to evaluate conditions or groups of previously and'ed conditions using or logic
You can see that as you build a condition, the Expression Preview shows the expression in plain text.
In the Expression Preview, you can click to edit your expression manually instead of using the Visual Expression Builder, or switch between the two. However, depending on the complexity of a manually constructed expression, the Visual Expression Builder might be unable to render it.
-
Pick an action from the Response list menu.
-
To save your rule, choose the most appropriate option by clicking either:
- Save as draft to save your rule, but leave it disabled.
- Save and deploy to save your rule and activate it.
Editing a firewall rule
Take the following steps to edit an existing rule:
- Navigate to Security > Firewall Rules.
- In the Firewall Rules table, locate the rule you want to modify, then click the overflow menu on the right of the row.
- Select Edit.
- Make your changes to the rule.
- To save your rule, choose the most appropriate option by clicking either:
- Save as draft to save your rule, but leave it disabled.
- Save and deploy to save your rule and activate it.
To pause or activate any rule in the list of existing rules, click the Enabled toggle.
Deleting a firewall rule
Take the following steps to delete an existing rule:
- Navigate to Security > Firewall Rules.
- In the Firewall Rules table, locate the rule to modify and click the overflow menu on the right of the row.
- Select Delete.
- Confirm the rule deletion.