Published 4 months ago
Published 4 months ago
Bazar Market
Updated 4 months ago
0
Hello SafeLine team,
We are using SafeLine WAF 9.2.8 and faced an issue with the Anti-Bot module blocking legitimate traffic.
We have a trusted IP address used by our developers which sends automated HTTP requests (scripts, CI/CD checks, internal testing tools). These requests are expected, legitimate, and not malicious, but they are currently being detected and blocked by the Anti-Bot protection.
We would like to understand:
What is the recommended way to exclude or whitelist a specific IP address from Anti-Bot checks?
Is it possible to bypass Anti-Bot challenges (JS / CAPTCHA / bot detection) for:
a specific source IP or IP range?
specific User-Agent headers?
a custom rule (Allow / Bypass Bot Protection)?
We checked the UI and found general Allow / Deny and Custom Rules, but it is not clear whether they fully bypass the Anti-Bot module or only affect access control.
Could you please advise:
The correct configuration approach for this scenario
Or confirm whether Anti-Bot exceptions are supported in 9.2.8, and where they should be configured (UI path or config)
This would help us safely allow trusted automation traffic while keeping Anti-Bot enabled for public users.
Thank you in advance.