# 4.8 URL Path Blocking

#### 📘 Overview

The **Block URL Path** module allows you to block access to specific URL paths on your site.\
Any incoming HTTP request that matches the defined path will be instantly blocked — regardless of its headers, parameters, or IP address.

***

#### 🛠️ How It Works

You provide a **full or partial URL path**, such as:

* `/admin`
* `/private/data.json`
* `https://yourdomain.com/debug`

Once saved, all requests to that exact path will be blocked **before reaching your backend**.

***

#### ⚙️ How to Add a Blocking Rule

1. Go to **Security Rules > URL Path Blocking**
2. Click **Block URL Path**
3. Enter the full or partial path to be blocked
4. Click **Block**
5. The rule is instantly enforced

<figure><img src="https://1888569782-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fj6f1XtdOtNUZVCRH9J44%2Fuploads%2FQZ7mAObD5MHgtJTx1itm%2Fimage.png?alt=media&#x26;token=0c0cc259-7352-46d6-ae62-7d6f9686a7e3" alt=""><figcaption></figcaption></figure>

***

#### 📋 Example Use Cases

* Block access to `/admin` or `/debug` pages
* Block file downloads from `/backup.zip`
* Block access to hidden or deprecated directories

***

#### 🔐 Why It Matters

Blocking unused or sensitive paths helps protect:

* Admin panels
* Development environments
* Exposed data files
* Misconfigured routes

This is a quick and effective way to reduce your visible attack surface.

***

🎯 **Block URL Path offers an easy way to disable public access to risky paths without needing to change application code or server configurations.**