A rule can be configured for a URL match, a Host header match and a set of optional extended match criteria (example: client IP address or the HTTP method). Once a match is found, the request will be processed as per the configured action. The rule action can be configured to either redirect the incoming request to another absolute URL, or to continue the processing of the request using the other security layers of the Barracuda Web Application Firewall, apart from allowing or denying a request explicitly.
To configure a specific match, click Add or Edit next to the Service and use the Extended Match widget. For rule matching and subsequent evaluation, URL match and Host header matches are prioritized over extended matches. If more than one rule with the same URL match/Host header match is configured, they are evaluated based on the specified extended match sequence.
To create a URL ACL rule:
- Go to the SECURITY > Allow/Deny Rules page.
- In the URL : Allow/Deny Rules section, identify the Service to which you want to add the URL ACL rule.
- Click Add next to the Service. The Create ACL window appears.
- Specify appropriate values for the given fields and click Save.
For more information, click Help in the web interface.