possible to whitelist specific signatures for an IP?
Would it be possible to block all traffic which triggers a signature except for specific IPs or nodes? Ideally we’d like to minimize the protection relaxation. I’ve reviewed the IP Address Exceptions functionality but this appears to remove all signature protection for a given address which is not a palatable option.
Data Group for multiple customers to whitelist blacklist
We have been using separate whitelist/blacklist for each customer so far but we are now planning to move to single VIP configuration to handle traffic for all customers for which we have the iRule working fine as per our requirement. However we would like to have one iRule for whitelist/blacklist for multiple customers that can handle traffic via data group, to avoid editing iRule for every new customer addition. Please suggest syntax for the iRule and Data Group.
AWS WAF Managed Service whitelisting
F5 offers a managed service within the AWS WAF security service that includes bot protection. The rules are locked down so as an admin I can only enable blocking or non-blocking (counting) behavior when enabling the service. I understand the reasons, but also have needs to whitelist some bots that we do allow to crawl our site. Is there a way to do this? Or do I have to migrate to the F5 ASM service for this kind of control?