Actions—what to do when a rule matches
When a rule matches you have several options: You can allow the request, you can deny it or you can opt to take no action at the moment but continue processing with the next rule. There are also several other things you can do like redirect or proxy requests. In this section you'll learn in more detail about the options that are available.
Allowing requests
The way the allow action works differs depending on how a rule is written. An allow action can be configured to work in one of three ways:
Allow access immediately and skip remaining phases (except for logging).
This is the case if
allowis specified on its own, as inSecAction allow.Allow access to the current phase only.
Specify
allow:phaseto allow in the current phase. Rule processing then continues immediately with the next phase, and rules in this and subsequent phases may then override theallowwith adenyaction.Allow access to the request phases only.
Specify
allow:requestto allow in...
