You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/features/README.md
+14-3Lines changed: 14 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -42,7 +42,7 @@ Starting with imunify360-firewall-8.2.0 all IP lists are applied automatically.
42
42
:::
43
43
44
44
:::warning Warning
45
-
Specifying IPs in those files will not prevent Imunify from adding the same IPs to dynamic lists (like Gray list), but all White lists always have the priority over Black lists when it comes to actual filtering of requests/packages.
45
+
Specifying IPs in those files will not prevent Imunify from adding the same IPs to dynamic lists (like Grey list), but all White lists always have the priority over Black lists when it comes to actual filtering of requests/packages.
46
46
:::
47
47
48
48
@@ -97,7 +97,7 @@ To take advantage of this feature, go to your Imunify360 control panel and enabl
97
97
98
98
This is a special operation mode where Imunify360 consumes less CPU and RAM. It is intended for servers with limited resources.
99
99
100
-
This mode disables <spanclass="notranslate">[WebShield](/webshield/)</span> switching off GrayList and Anti-bot Challenge.
100
+
This mode disables <spanclass="notranslate">[WebShield](/webshield/)</span> switching off GreyList and Anti-bot Challenge.
101
101
102
102
<spanclass="notranslate">_Low Resource Usage_</span> mode also enables the <spanclass="notranslate">_[Minimized Modsec Ruleset](/dashboard/#waf-settings)_</span> option that disables Imunify WAF rules with a high memory footprint, leaving critical rulesets enabled.
103
103
@@ -491,6 +491,17 @@ The Greylist is a feature intended to distinguish human from machine input and p
491
491
Please note that the WebShield Anti-Bot Challenge is not compatible with aggressive CDN caching modes, like Cloudflare "Browser Cache TTL" or "cache everything" with "Edge Cache TTL". If the Сaptcha page is cached by CDN, a visitor will see the Anti-Bot challenge from CDN cache disregarding it has been passed or not. In order to fix that, either disable the aggressive CDN caching or the Anti-Bot Challenge functionality in the Imunify360.
492
492
:::
493
493
494
+
::: tip Note: Handling Non-Text Requests for Greylisted IPs
495
+
When a source IP address is added to the Greylist, WebShield typically presents an HTML-based Anti-Bot Challenge page (splashscreen) to verify the user. However, displaying this HTML page is not appropriate for requests explicitly asking for non-text content types.
496
+
497
+
For requests from greylisted IPs, if the `Accept` header is present and does not start with `text/` (this includes headers like `Accept: application/json` or `Accept: */*`), WebShield returns an **HTTP 415 Unsupported Media Type** error instead of the HTML challenge page, as the challenge is unsuitable for non-text responses.
498
+
499
+
**Workarounds:**
500
+
If legitimate traffic is being blocked with a 415 error due to this behavior, consider the following:
501
+
***Adjust the Client's Request:** Modify the application or client making the request to send a more specific `Accept` header (like `text/html`) or omit the `Accept` header entirely if appropriate for the expected response.
502
+
***Whitelist the Source IP:** Add the source IP address to the Imunify360 Whitelist to prevent it from being greylisted.
503
+
:::
504
+
494
505
There are two layers in GreyList behavior:
495
506
496
507
1. If a user of a website is added to the <spanclass="notranslate">Grey List</span> (the access is blocked), then the GreyList behavior allows him to unblock himself. When he tries to get to the website he receives the JS challenge. If the challenge is solved by the browser successfully (a human user is not required to go through human confirmation - the process will pass under the hood), a user is redirected to the website, which means that the access is unblocked and the IP address of this user is removed from the <spanclass="notranslate">Grey List</span>.
@@ -499,7 +510,7 @@ There are two layers in GreyList behavior:
499
510
500
511
### CDN Support
501
512
502
-
Imunify360 correctly graylists and blocks IPs behind Cloudflare and other CDNs (see [here](/features/#supported-cdn-providers) for the full list).
513
+
Imunify360 correctly greylists and blocks IPs behind Cloudflare and other CDNs (see [here](/features/#supported-cdn-providers) for the full list).
503
514
504
515
Imunify360 passes all requests from CDN through <spanclass="notranslate">WebShield</span>, and uses <spanclass="notranslate">CF-Connecting-IP</span> and <spanclass="notranslate">X-Forwarded-For</span> headers to identify real IPs.
0 commit comments