Allow rules can be necessary in some cases but it is important to realize for each rule you create, you are essentially creating a hole in the security and filtering for your user and/or domain. See the attached documentation for best practices.
Updated