Skip to content

Additional settings

Protection additional settings are accessible for the Community (paid), Developer and Business plan users.

The Additional settings subpage is found at Sites > > Protection > Additional settings in Patchstack App.

Additional settings features

User role whitelist

You can whitelist user types from the Patchstack firewall engine. This means that the Patchstack firewall would not run against these user types at all. To whitelist any user type, do the following:

  1. Navigate to your sites’ Protection > Additional settings page in Patchstack App
  2. Look for the User role whitelist section
  3. Toggle the roles, that you wish to whitelist
  4. Click Save settings once the changes have been done.

Country blocking

In case you want to block traffic to your site from certain countries, you can do so in the Country blocking section. To block any country from viewing your site, do the following:

  1. Navigate to your sites’ Protection > Additional settings page in Patchstack App
  2. Look for the Country blocking section
  3. Toggle the Enable country blocking switch
  4. Start typing the name of the country into the country list field
  5. Click on the country name
  6. Scroll down and click on Save settings

Inversed country blocking

We have also added the Inversed check option which works the other way around.
When this is checked, the countries which are typed into the country list input, will be the only countries from which the traffic to your site is allowed.

Example case:
If you want to allow traffic ONLY from (for example) Germany:

  1. Type “Germany” into country input field
  2. Check Inversed check
  3. Check Enable country blocking
  4. Click on Save settings

PS! In some rare occurrences, the country blocking feature can cause false positive blockings. We recommend using country blocking on server level.

General whitelist settings

Under the General whitelist settings section, you can manage whitelist settings and add IP address header override rule.

📘 Whitelist

Each rule must be on a new line.

The following keywords are accepted

IP = firewall will not run against the IP
PAYLOAD = if the entire payload contains the keyword, the firewall will not proceed
URL = if the URL contains given URL, firewall will not proceed


In this scenario, the firewall will not run if the IP address is or if the payload contains contact_form or if the URL contains water or if the URL contains /some-form.

📘 IP Address Header Override

If you would like to override the IP address header that we use to grab the IP address of the visitor, enter the value to IP Address Header Override input.

This must be a valid value in the $_SERVER array, for example HTTP_X_FORWARDED_FOR. If the $_SERVER value you enter does not exist, it will fallback to the Patchstack IP grab function so ask your hosting company if you are unsure.

Leave this empty to use the Patchstack IP address grabbing function.

Block IP settings

In this section, you can Block IPs that are a potential threat to your sites.

🚧 Example case:

Patchstack has blocked 5 attacks on your site from one specific IP address in a period of 60 minutes.
You would now want this IP to be blocked.

Type in the following data:

Block IP for 4320 Minutes
After 5 Blocked Attacks
Over A Period of 60 Minutes

Click Save Settings

Now - any IP address which meets all those conditions will be blocked for three days.

📘 IP Block List

Lets you completely block IP addresses by entering each IP address to a new line.

Following formats are accepted: