Configure the Bot Allowlist Policy
Important: Bot Defense Advanced Self-Service Policy Management is an Early Access feature.
Configure an allowlist policy that allows requests from entries on the list to reach the origin destination without being evaluated by Bot Defense. You can define Bot Allowlist Policy entries by IP address, IP prefix or IP address range. For example, you might choose to add vulnerability scanners, QA tools or health monitors to your Bot Allowlist Policy.
Note: You can only edit the most recent version of the policy.
-
From the Bot Defense navigation menu, click Manage > Bot Policies and then click Bot Allowlist Policy.
-
From the list of saved Bot Allowlist Policies, in the Actions column, click the Action menu (…) next to the most recent policy version.
If you are configuring a Bot Allowlist Policy for the first time, it is likely that you only have one saved policy version.
-
Click Manage Configuration and then click Edit Configuration.
-
Enter a Name and Description for the new policy version.
-
In the IP Allowlist section:
- To add an entry by either IP address or IP prefix, in the IP & IP Prefix section, click Add Item. select one of the following client identifiers:
- IP Address: Enter a Value, such as 172.16.0.0.
- IP Prefix: Enter a Value, such as 172.16.0.0/12.
- When you finish, click Apply.
- To add an entry by either IP address or IP prefix, in the IP & IP Prefix section, click Add Item. select one of the following client identifiers:
-
To add an entry by IP address range, in the IP Range section, click Add New, then enter the start and end of the IP range. Then click Apply.
-
When you finish making changes, click Review Changes.
-
Choose one of the following options:
- Save Final: The policy version is saved and added to the list of policy versions that you can deploy in your Bot infrastructure.
- Save as Draft: You or another administrator can review and finalize this policy version later.
Important: Other administrators can make changes that overwrite your saved draft. Before you deploy your policy update, review the policy settings to make sure they are correct.
Next Steps
When you finish configuring your Bot Allowlist Policy version and are ready to deploy the version, see Deploy Policy Updates.
Important: F5 recommends that you first deploy and test new policy versions in your test environment to make sure the system behaves as you intended before you deploy in a production environment. For information, see Test Bot Defense Advanced.