For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jerm1020_254086

Icon for Nimbostratus rank

Nimbostratus

Nov 01, 2016

possible to whitelist specific signatures for an IP?

Would it be possible to block all traffic which triggers a signature except for specific IPs or nodes? Ideally we’d like to minimize the protection relaxation. I’ve reviewed the IP Address Exceptions functionality but this appears to remove all signature protection for a given address which is not a palatable option.

ASM Advanced WAF

ip whitelisting

1 Reply

nathe
Cirrocumulus
Nov 01, 2016
jerm1020,

I'm not sure that is possible. One workaround is to have a seperate policy for those IP addresses and use a traffic policy or iRule to switch between the different policies.

Not great i imagine but i can't think of an alternative.

Hope this helps,

N

Security Best Practices for F5 Products

Technical Articles

F5 AppWorld 2026 Registration - early bird pricing.

DevCentral News

Kostas Injeyan - October 2025 Featured Member

DevCentral News

featured member

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5