IncapRules (Enterprise Only)


Use the Incapsula IncapRules proprietary scripting language to implement your own security, delivery, and access control rules on top of Incapsula's existing security and application delivery logic.

These custom rules can be manually coded or generated using a dedicated GUI that helps users get acquainted with the rule generation process.

Web application owners and security engineers can use IncapRules to improve the security and performance of their websites and applications. For example, rules can be created to:

  • Prevent bots from accessing a site’s registration form

  • Restrict access to a specific part of an application based on IP address

  • Limit the rate of requests to a website

  • Manipulate traffic routes and redirects

  • Control a request's URL structure, headers and cookies

Rule type: IncapRules for security and access control

Available rule actions:

  • Alert

  • Block Request

  • Block Session

  • Block IP

  • Require Cookie Support

  • Require Javascript Support

  • Require CAPTCHA Support

Rule type: Application delivery rules

Available rule actions:

  • Redirect URL

  • Rewrite (URL, Header, Cookie)

  • Forward

Filters, Triggers, and Actions

The IncapRules syntax was designed for simplicity. As such, it relies on a few dozen descriptively-named parameters and a set of logic operators. These elements are combined together to form a trigger that leads to one of the pre-defined actions. To illustrate just how intuitive this language is, here's an example of a rule that restricts public access to your application’s admin:

 

 

In this case, the trigger is a combination of two filters - one to mark the restricted URL and another to prevent access from all external IPs. Overall, IncapRules offers access to dozens of different parameters, which allow you to create policies based on:

  • HTTP request methods (POST or GET)

  • Header values

  • URL parameters

  • Client types (e.g., browser, search engine, feed fetcher, etc.)

  • IPs and Geo-locations

  • Access rates on a request or session level

  • Cookie and JavaScript support

  • Pool of 500 pre-defined client signatures (e.g., GoogleAds, CroneTask, WordPress bots, etc.)

The resulting actions may also vary, with options ranging from “Silent Alert”, to initiation of additional challenges (e.g., CAPTCHA, JS, etc.), to absolute blocking of the specific visitor or even null-routing of all traffic from an IP address.

All in all, with its vast number of possible combinations, IncapRules allows for literally limitless possibilities - giving Incapsula’s users the flexibility they need to deal with any possible security scenario.
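The admin-restriction rule described above, modelled in Python as an added example: this is not IncapRules syntax and not Incapsula's code, only the same filter AND filter logic leading to the Block Request action. The restricted path, the internal network ranges and all function names are assumptions chosen for illustration.

```python
import ipaddress
import posixpath
from urllib.parse import unquote

# Assumed values for illustration; substitute your own.
RESTRICTED_PREFIX = "/admin"
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]


def normalized_path(request_target):
    """Decode and collapse the path so case, %-encoding, '//' and '..'
    variants of the same resource are all seen by the filter as one path."""
    path = unquote(request_target.split("?", 1)[0])
    return posixpath.normpath("/" + path.lstrip("/")).lower()


def url_filter(request_target):
    """Filter 1: request targets the restricted area (not just a shared prefix)."""
    path = normalized_path(request_target)
    return path == RESTRICTED_PREFIX or path.startswith(RESTRICTED_PREFIX + "/")


def external_ip_filter(client_ip):
    """Filter 2: client address is outside every internal network."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:10.0.0.5 is still 10.0.0.5
    return not any(ip in net for net in INTERNAL_NETS)


def evaluate(request_target, client_ip):
    """Trigger = filter 1 AND filter 2; returns the action name or None."""
    if url_filter(request_target) and external_ip_filter(client_ip):
        return "Block Request"
    return None


if __name__ == "__main__":
    # Constructed sample requests (documentation address ranges).
    for target, ip in [("/admin/login", "203.0.113.7"),
                       ("/admin/login", "10.1.2.3"),
                       ("/Public/../%41dmin/", "198.51.100.9"),
                       ("/administrator", "203.0.113.7"),
                       ("/admin", "::ffff:10.0.0.5")]:
        print(target, ip, "->", evaluate(target, ip))
```

When writing the real rule, test it with the same kinds of path and address variants to confirm that both filters match what you intend.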

 

Rule Management and Revisions

Rules are managed at the site level for every protected web domain.

In addition to creating, editing and deleting rules, the Rules management interface enables revision management. Incapsula maintains a list of revisions for every Rule, enabling administrators to review an audit trail of all Rule changes and easily revert to a previous rule revision, as needed.

Similar to other security features in Incapsula, you can also monitor the activity of IncapRules and Delivery Rules in the website's Dashboard.

Read More

Additional information can be found in our blog post

Note: This feature is available only on our Enterprise plan.

 

 
