Configuring special access rules for application server URLs

You can configure special rules that allow anonymous access to or deny all access to specific application server URLs.

From from the Resources tab of the SafeLinx Administrator, select the http service to configure. Select the Server tab of the service properties box and in the Application server URL field add the desired rule.

"No authentication required" rule

Configure a "No authentication required" rule using the keyword NOAUTH that defines a server path that doesn't require authentication. SafeLinx allows anonymous access for any requests that begin with the path specified in the rule.

For example, to allow anonymous access to any request on the server myserver.internal.com that begins with /path/open/, specify the following rule:

NOAUTH https://myserver.internal.com/path/open

Use this type of rule with caution. For security reasons, only one anonymous request is allowed per TLS socket.

Deny rule

Configure a Deny rule using the keyword DENY that defines a server path to which no access is allowed (anonymous or authenticated). SafeLinx denies access for any requests that begin with the path specified in the rule and returns a HTTP 403 response.

For example, to deny all access to any request on the server myserver.internal.com that begins with /path/closed/, specify the following rule:

DENY https://myserver.internal.com/path/closed