Nova WAF Whitelists and Blacklists

Nova WAF allows you to whitelist IPs and rules or to blacklist IPs. This has many functions, as described below.


Access Control

The most obvious is the WAF Blacklist and Whitelist of IP addresses and ranges. You can globally ban certain IPs from accessing your systems, or alternatively, allow certain IPs, bypassing all other restrictions.

When an IP or range is whitelisted it will go straight through, regardless of settings. It bypasses ADC Protections, WAF detections, DoS protections and more.


WAF Tuning

You may have certain API consumers in your business that you want to whitelist - internal IPs for example - to ensure they can bypass the WAF. However, we rather recommend bypassing WAF blocks by whitelisting Rule IDs.

When blocked you can view the rule ID that blocked the user in any WAF report on Nova. This can often be a rule that is too strict for your installation, and you can whitelist the rule.

Bare in mind that the more you whitelist the less protected you become, but also remember that the system often requires tuning for custom applications.


Vulnerability Scanning

One of the big reasons to whitelist is an approved vulnerability scan. Nova will prevent vulnerability scans in multiple ways, including Scanner Protection, IP Reputation, and the standard WAF ruleset.

If you want an actual scan of the backend systems you may want to whitelist the scanner IP to let it through Nova's security features and find potential problems in your application.