Rules
Rules are the core mechanism for protecting your sites. Each rule defines a condition and an action to take when a visitor matches that condition.
Rule Structure
Every rule has three parts:
- Condition — What to match (IP, country, user agent, rate, etc.)
- Action — What to do when matched (block, challenge, redirect, allow)
- Priority — Evaluation order (lower number = higher priority)
Condition Types
| Type | Description | Example |
|---|---|---|
ip | Match specific IP or CIDR range | 192.168.1.0/24 |
country | Match by GeoIP country code | CN, RU, KP |
user_agent | Regex match on User-Agent header | /bot|crawler/i |
rate_limit | Requests per time window | 100 per 60s |
path | URL path pattern | /admin/* |
referrer | HTTP Referer header match | spam-site.com |
fingerprint | Browser fingerprint similarity | Similarity threshold |
Actions
| Action | Behavior |
|---|---|
| Block | Immediately reject the request (403) |
| Challenge | Show a CAPTCHA or JS challenge before proceeding |
| Redirect | Send visitor to a specified URL |
| Allow | Bypass all subsequent rules (whitelist) |
| Log | Record the event without taking action |
Creating a Rule
- Navigate to Sites → [Your Site] → Rules
- Click Create Rule
- Select a condition type and configure its parameters
- Choose an action
- Set priority (optional — defaults to 100)
- Save and the rule takes effect immediately
Rule Evaluation Order
Rules are evaluated in priority order (lowest number first). The first matching rule's action is applied. If no rule matches, the default action is Allow.
Best practice: Place Allow rules (whitelists) at the lowest priority numbers so they evaluate first.