Home
Policies
Geo-location filtering
Block requests based on geo-location parameters: country, region code, and ASN
Configuration#
{
"name": "my-geo-filter-inbound-policy",
"policyType": "geo-filter-inbound",
"handler": {
"export": "GeoFilterInboundPolicy",
"module": "$import(@zuplo/runtime)",
"options": {
"allow": {
"countries": "US, CA"
},
"block": {
"asns": "$env(ASNS_TO_BLOCK)",
"regionCodes": "TX, WA"
},
"ignoreUnknown": true
}
}
}Options#
namethe name of your policy instance. This is used as a reference in your routes.policyTypethe identifier of the policy. This is used by the Zuplo UI. Value should begeo-filter-inbound.handler/exportThe name of the exported type. Value should beGeoFilterInboundPolicy.handler/modulethe module containing the policy. Value should be$import(@zuplo/runtime).handler/optionsThe options for this policy:blockcountriescomma separated string of country codes to block (e.g. "US, CA")
regionCodescomma separated string of region codes to block (e.g. "TX, WA")
asnscomma separated string of ASNs to block (e.g. "395747, 28304")
allowignoreUnknownOptional, defaults to true. Specifies whether unknown geo-location parameters should be ignored (allowed through).
Geo-location Filter Policy
Specify an allow list or block list of:
- Countries - Country of the incoming request. The two-letter country code in the request, for example, "US".
- regionCodes - If known, the ISO 3166-2 code for the first-level region associated with the IP address of the incoming request, for example, "TX"
- ASNs - ASN of the incoming request, for example, 395747.
If you specify an allow and block list for the same location type (e.g.
country) may have no effect or block all requests.
{
"allow" : {
"countries" : "US"
},
"block" : {
"countries" : "MC"
}
}The policy will only allow requests from US, so any request from MC would be automatically blocked.