4. Security Rules

🛡️ Security Rules

The Security Rules section in ShieldsGuard provides powerful tools to filter, block, or manipulate specific aspects of incoming HTTP requests. This section empowers administrators to define granular behavioral policies, harden exposed endpoints, and mitigate suspicious or malicious activity on a per-rule basis.

Each rule type is modular, giving you complete control over how your system handles traffic based on IPs, headers, methods, paths, query strings, or even post payloads.

Below is a breakdown of what each rule type allows you to control:

🔲 BlackList & WhiteList

Define explicit IP addresses or CIDR ranges to block or allow regardless of other rules or protections.

📘 User Agent Filtering

Create rules based on the User-Agent header. Useful for blocking known bots, outdated clients, or malicious scanners.

🧵 Query String Filtering

Inspect query parameters and block requests that contain suspicious or forbidden values.

📥 HTTP Header Filtering

Control request behavior by filtering based on specific HTTP headers, such as Referer, Origin, or custom-defined headers.

🚫 Block POST Values

Prevent requests containing specific keywords or data patterns in POST bodies. Ideal for blocking form spam or injection attempts.

🔄 Custom Headers

Inject or modify custom headers into responses for security, debugging, or routing logic.

⛔ Block URL Requests

Block access to specific URL strings or patterns regardless of method or query.

🧭 URL Path Blocking

Block entire URL path segments such as /admin, /debug, or /staging. Supports wildcards and nested directories.

🔐 Encrypt Path

Obfuscate sensitive paths using encryption to prevent reconnaissance and endpoint enumeration.

🧹 Remove Request Value

Strip or replace parts of the request URI, headers, or parameters before it reaches backend services.

🚫 Exclude Directories from Protection

Bypass WAF/DDoS inspection for specific static folders (e.g., /uploads, /assets) to improve performance or avoid unnecessary filtering.

🧠 These security rules act as a flexible policy enforcement layer — perfect for scenarios where WAF alone is not enough or too generalized.

Proper use of Security Rules gives you surgical control over traffic behavior, making ShieldsGuard a highly adaptable security platform for modern, high-risk environments.