Reference
Geo-location filtering Policy
Block requests based on geo-location parameters: country, region code, and ASN
Configuration
The configuration shows how to configure the policy in the 'policies.json' document.
Policy Configuration
name
<string> - The name of your policy instance. This is used as a reference in your routes.policyType
<string> - The identifier of the policy. This is used by the Zuplo UI. Value should begeo-filter-inbound
.handler.export
<string> - The name of the exported type. Value should beGeoFilterInboundPolicy
.handler.module
<string> - The module containing the policy. Value should be$import(@zuplo/runtime)
.handler.options
<object> - The options for this policy. See Policy Options below.
Policy Options
The options for this policy are specified below. All properties are optional unless specifically marked as required.
block
<object> -countries
<string> -comma separated string of country codes to allow (e.g. "US, CA").regionCodes
<string> -comma separated string of region codes to allow (e.g. "TX, WA").asns
<string> -comma separated string of ASNs to allow (e.g. "395747, 28304").
allow
<object> -countries
<string> -comma separated string of country codes to allow (e.g. "US, CA").regionCodes
<string> -comma separated string of region codes to allow (e.g. "TX, WA").asns
<string> -comma separated string of ASNs to allow (e.g. "395747, 28304").
ignoreUnknown
<boolean> -Specifies whether unknown geo-location parameters should be ignored (allowed through).Defaults totrue
.
Using the Policy
Geo-location Filter Policy#
Specify an allow list or block list of:
- Countries - Country of the incoming request. The two-letter country code in the request, for example, "US".
- regionCodes - If known, the ISO 3166-2 code for the first-level region associated with the IP address of the incoming request, for example, "TX"
- ASNs - ASN of the incoming request, for example, 395747.
Caution
If you specify an allow and block list for the same location type (e.g.
country
) may have no effect or block all requests.
{ "allow" : { "countries" : "US" }, "block" : { "countries" : "MC" } }
The policy will only allow requests from US, so any request from MC would be automatically blocked.
Read more about how policies work