4.8 URL Path Blocking

📘 Overview

The Block URL Path module allows you to block access to specific URL paths on your site. Any incoming HTTP request that matches the defined path will be instantly blocked — regardless of its headers, parameters, or IP address.


🛠️ How It Works

You provide a full or partial URL path, such as:

  • /admin

  • /private/data.json

  • https://yourdomain.com/debug

Once saved, all requests to that exact path will be blocked before reaching your backend.


⚙️ How to Add a Blocking Rule

  1. Go to Security Rules > URL Path Blocking

  2. Click Block URL Path

  3. Enter the full or partial path to be blocked

  4. Click Block

  5. The rule is instantly enforced


📋 Example Use Cases

  • Block access to /admin or /debug pages

  • Block file downloads from /backup.zip

  • Block access to hidden or deprecated directories


🔐 Why It Matters

Blocking unused or sensitive paths helps protect:

  • Admin panels

  • Development environments

  • Exposed data files

  • Misconfigured routes

This is a quick and effective way to reduce your visible attack surface.


🎯 Block URL Path offers an easy way to disable public access to risky paths without needing to change application code or server configurations.

Last updated