Deny
Overview
The Deny Traffic Policy action enables you to reject incoming requests on your endpoints before they make it to your upstream service.
Configuration Reference
The Traffic Policy configuration reference for this action.
Supported Phases
on_tcp_connect
, on_http_request
Type
deny
Configuration Fields
- on_http_request
- on_tcp_connect
status_codeinteger
Response status code. Default is
999
.
This action does not have any configuration fields for TLS / TCP endpoints.
Behavior on_tcp_connect
When this action is executed, the upstream server is never reached and a response is immediately returned and no further actions or rules in the policy configuration will be executed.
Behavior on_http_request
When this action is executed, the upstream server is never reached and a response is immediately returned and no further actions or rules in the policy configuration will be executed.
Custom Content
The deny traffic policy action will not send back a response body to the client.
To send back a response body, use the custom-response
action.
Examples on_tcp_connect
Deny all traffic
The following Traffic Policy configuration will deny all inbound traffic on your endpoint.
Example Traffic Policy Document
- YAML
- JSON
---
on_tcp_connect:
- actions:
- type: "deny"
{
"on_tcp_connect": [
{
"actions": [
{
"type": "deny"
}
]
}
]
}
Example Request
$ telnet 5.tcp.ngrok.io 22984
Trying...
Connected to 5.tcp.ngrok.io.
Connection closed by foreign host.
In this example, we attempt to connect to 5.tcp.ngrok.io:22984
using the
telnet
command and ngrok immediately closes the connection.
Examples on_http_request
Deny traffic with a 404 status code
The following Traffic Policy
configuration will deny all inbound traffic with a 404
on your endpoint.
Example Traffic Policy Document
- YAML
- JSON
---
on_http_request:
- actions:
- type: "deny"
config:
status_code: 404
{
"on_http_request": [
{
"actions": [
{
"type": "deny",
"config": {
"status_code": 404
}
}
]
}
]
}
Example Request
$ curl https://example.ngrok.app
HTTP/2 404 Not Found
In this example, we attempt to connect to example.ngrok.app
using the
curl
command and ngrok immediately closes the connection with a 404
status
code.
Action Result Variables
The following variables are made available for use in subsequent expressions and CEL interpolations after the action has run. Variable values will only apply to the last action execution, results are not concatenated.
This action does not set any variables after it has been executed.