Request Control workflow

The default for Request Control is to give all requests access. You use your rules to restrict access.

Here's a diagram that shows how Request Control works.

For the allowlist example, when a visitor requests a page and the IP address or geography is allowed based on the rules, that visitor can view the page. If the visitor’s IP address or geography is not included in the rules, that visitor will receive a 403 (Forbidden) error.

Conversely, for a blocklist, if a visitor requests a page from an IP address or geography that's denied based on the rules, the visitor will receive a 403 error.

Note: The default for Request Control is to allow access to all requests. You must set up rules in order to restrict access.

Allowlist example

Blocklist example