Allow rules are a kind of positive list filter. They define which requests are allowed.
- Two conditions must be met by an HTTP request in order to be allowed for further processing:
- There must be at least one applicable allow rule.
- Each applicable allow rule must be satisfied by the HTTP request.
An allow rule is applicable if the path of a request URL matches the configured path pattern. An allow rule is satisfied by a HTTP request if it is applicable and the HTTP request satisfies all criteria defined by the allow rule. During processing of an HTTP request, allow rules are applied first. Deny rules are only applied if the allow rules allow the request.