Configure the Bot Allowlist Policy
Important: Bot Defense Self-Service Policy Management is an Early Access feature.
Configure an allowlist policy that allows requests from entries on the list to reach the origin destination without being evaluated by Bot Defense. You can define Bot Allowlist Policy entries by IP address, IP prefix or IP address range. For example, you might choose to add vulnerability scanners, QA tools or health monitors to your Bot Allowlist Policy.
Note: You can only edit the most recent version of the policy.
To configure a Bot Allowlist Policy:
-
From the Bot Defense navigation menu, select Manage > Bot Policies and then select Bot Allowlist Policy.
-
From the list of saved Bot Allowlist Policies, in the Actions column, select the Action menu (…) next to the most recent policy version.
If you are configuring a Bot Allowlist Policy for the first time, it is likely that you only have one saved policy version.
-
Select Manage Configuration and then select Edit Configuration.
-
Enter a Name and Description for the new policy version.
-
In the IP Allowlist section:
- To add an entry by either IP address or IP prefix, in the IP & IP Prefix section, select Add Item. Select one of the following client identifiers:
- IP Address: Enter a Value, such as 172.16.0.0.
- IP Prefix: Enter a Value, such as 172.16.0.0/12.
- When you finish, select Apply.
- To add an entry by either IP address or IP prefix, in the IP & IP Prefix section, select Add Item. Select one of the following client identifiers:
-
To add an entry by IP address range, in the IP Range section, select Add New and then enter the start and end of the IP range. Then select Apply.
-
When you finish making changes, select Save Bot Allowlist Policy.
-
Choose one of the following options:
- Save Final: The policy version is saved and added to the list of policy versions that you can deploy in your Bot infrastructure.
- Save as Draft: You or another administrator can review and finalize this policy version later.
Important: Other administrators can make changes that overwrite your saved draft. Before you deploy your policy update, review the policy settings to make sure they are correct.
Next Steps
When you finish configuring your Bot Allowlist Policy version and are ready to deploy the version, see Deploy Policy Updates.
Important: F5 recommends that you first deploy and test new policy versions in your test environment to make sure the system behaves as you intended before you deploy in a production environment. For information, see Test Bot Defense.