# 4.7 Block URL Requests

#### 📘 Overview

The **Block Request** module allows you to block HTTP requests based on specific key-value matches found in either query strings (GET) or form data (POST).\
This helps prevent suspicious or unwanted data from reaching your application.

***

#### 🛠️ How It Works

You define two simple parameters:

* **Request Key Value** – The name of the request parameter to monitor (e.g., `search`, `token`, `redirect`)
* **Request Content** – The exact value that should be blocked (e.g., `SELECT`, `javascript:`, `admin`)

If the system detects a request with that key and matching value, it blocks the request immediately.

***

#### ⚙️ How to Add a Blocking Rule

1. Go to **Security Rules > Block URL Request Parameters**
2. Click **Block Request**
3. Fill in:
   * `Enter Request Key Value`: the parameter name to inspect
   * `Enter Request Content`: the value to block
4. Click **Block**
5. The rule is now active and will block matching requests

<figure><img src="/files/e2jDyc94GxwLYeuVViXj" alt=""><figcaption></figcaption></figure>

***

#### 📋 Example Use Cases

* Block `search=SELECT` to prevent SQL Injection attempts
* Block `redirect=javascript:` to mitigate Open Redirects
* Block `token=admin123` to prevent brute-force token usage

***

#### 🔐 Why It Matters

By inspecting incoming request parameters, this feature allows early detection of payload-based attacks.\
It helps reduce exposure to:

* SQL Injection (SQLi)
* Cross-Site Scripting (XSS)
* Command Injection
* Open Redirects

***

🎯 **Blocking malicious key-value combinations at the request level helps neutralize attacks before they reach your backend systems.**


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.shieldsguard.com/getting-started/4.-security-rules/4.7-block-url-requests.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.