Rule Customization
The Advanced WAF is implemented using the following different types of rules:
Type | Description |
---|---|
| These rules define conditions that may indicate a suspicious request. They also specify the threat score that should be allocated to such a request. A request can match multiple |
| These rules specify allowlist conditions for safe requests, called false positives, that would otherwise be flagged as suspicious by violating a |
| These rules define the thresholds for threat scores. There is a separate threshold for each type of threat. When a request threat score exceeds the threshold, some designated action may be performed, such as blocking or reporting the request. |
Learn how to customize the Advanced WAF rules:
- Add a rule
-
Add a MainRule rule to define suspicious patterns.
- Disable a rule
-
Add a BasicRule rule to disable a MainRule rule within a specific context.
- Set score thresholds
-
Set score thresholds for violation categories.
- Configure custom core rules
-
Load a built-in custom rule set
Next up
Add a rule