Allow and denyv3.6+

This configuration sets up the AI Prompt Guard plugin to semantically filter incoming requests based on pattern matching.

In this example:

  • Requests are allowed if they match common IT-related question formats like “what is”, “how do I”, or “install”.
  • Requests are denied if they contain sensitive or inappropriate terms such as “hack”, “phish”, “malware”, or “cve”.

For a complete tutorial on this example, see Use AI Prompt Guard plugin to govern your LLM traffic.

Set up the plugin

Add this section to your declarative configuration file:

_format_version: "3.0"
plugins:
  - name: ai-prompt-guard
    config:
      allow_patterns:
      - "(?i).*what is .*"
      - "(?i).*how do i .*"
      - "(?i).*install .*"
      - "(?i).*configure .*"
      - "(?i).*reset .*"
      - "(?i).*troubleshoot .*"
      deny_patterns:
      - "(?i).*bypass.*(login|password|auth).*"
      - "(?i).*hack.*"
      - "(?i).*phish.*"
      - "(?i).*malware.*"
      - "(?i).*cve.*"
      - "(?i).*exploit.*"
      - "(?i).*social engineering.*"
      - "(?i).*pentest.*"
      - "(?i).*impersonate.*"
      - "(?i).*dating.*"
Copied to clipboard!

Did this doc help?

Something wrong?

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!