topic Re: Best Practice for creating IP Whitelist ACL for Web API Assets in WAF https://community.checkpoint.com/t5/WAF/Best-Practice-for-creating-IP-Whitelist-ACL-for-Web-API-Assets/m-p/237824#M276 <P>Hi Maxh,</P> <P>You can use Custom Rules and Exceptions for achieving this.</P> <P>Look for further details here:&nbsp;<A href="https://waf-doc.inext.checkpoint.com/setup-instructions/setup-custom-rules-and-exceptions" target="_blank">Setup Custom Rules and Exceptions | CloudGuard WAF</A></P> Tue, 07 Jan 2025 12:14:20 GMT yuvalmamka 2025-01-07T12:14:20Z Best Practice for creating IP Whitelist ACL for Web API Assets https://community.checkpoint.com/t5/WAF/Best-Practice-for-creating-IP-Whitelist-ACL-for-Web-API-Assets/m-p/237707#M275 <P>Hello,</P><P>we're currently deploying CloudGuard WAF aaS for our public services and wanted to add semi-public services also, which we currently run through our old WAF with IP (and Subnet) Whitelisting.</P><P>&nbsp;</P><P>As per the title: What's the recommended way to achieve this?</P><P>&nbsp;</P><P>Thanks!</P> Mon, 06 Jan 2025 16:18:14 GMT https://community.checkpoint.com/t5/WAF/Best-Practice-for-creating-IP-Whitelist-ACL-for-Web-API-Assets/m-p/237707#M275 Maxh 2025-01-06T16:18:14Z Re: Best Practice for creating IP Whitelist ACL for Web API Assets https://community.checkpoint.com/t5/WAF/Best-Practice-for-creating-IP-Whitelist-ACL-for-Web-API-Assets/m-p/237824#M276 <P>Hi Maxh,</P> <P>You can use Custom Rules and Exceptions for achieving this.</P> <P>Look for further details here:&nbsp;<A href="https://waf-doc.inext.checkpoint.com/setup-instructions/setup-custom-rules-and-exceptions" target="_blank">Setup Custom Rules and Exceptions | CloudGuard WAF</A></P> Tue, 07 Jan 2025 12:14:20 GMT https://community.checkpoint.com/t5/WAF/Best-Practice-for-creating-IP-Whitelist-ACL-for-Web-API-Assets/m-p/237824#M276 yuvalmamka 2025-01-07T12:14:20Z Re: Best Practice for creating IP Whitelist ACL for Web API Assets https://community.checkpoint.com/t5/WAF/Best-Practice-for-creating-IP-Whitelist-ACL-for-Web-API-Assets/m-p/237825#M277 <P>Okay, I was on the right path then. I'd just create a custom rule which drops traffic if the IP is not in the list.</P> Tue, 07 Jan 2025 12:27:00 GMT https://community.checkpoint.com/t5/WAF/Best-Practice-for-creating-IP-Whitelist-ACL-for-Web-API-Assets/m-p/237825#M277 Maxh 2025-01-07T12:27:00Z