Help Center/ Config/ User Guide/ Resource Compliance/ Built-In Policies/ Web Application Firewall/ Geolocation Access Control Rule Must be Configured
Updated on 2025-08-25 GMT+08:00

Geolocation Access Control Rule Must be Configured

Rule Details

Table 1 Rule details

Parameter

Description

Rule Name

waf-policy-enable-geoip

Identifier

Geolocation Access Control Rule Must be Configured

Description

If no geolocation access control rule is configured or is enabled for a WAF protection policy, the check result is non-compliant.

Tag

waf

Trigger Type

Periodic

Filter Type

Account

Rule Parameters

None

Application Scenarios

WAF can identify where a request originates. You can set geolocation access control rules in just a few clicks and let WAF block or allow requests from a certain region. Custom geolocation access control rules can be set to control requests of IP addresses from specific countries or regions.

Rule Logic

  • If your account does not have a WAF protection policy with the geolocation access control rule configured or the rule is disabled, the check result is non-compliant.
  • If your account has a WAF protection policy with the geolocation access control rule configured and the rule is enabled, the check result is compliant.