How to configure a WAF Custom Allowed Rule
Configuring a WAF Custom Allowed Rule allows you to instantiate specific rules for the needs of your edge application. These rules permit specific, legitimate traffic while maintaining robust protection against malicious attacks.
This guide explains how to configure a WAF Custom Allowed Rule via Azion Edge Platform.
Requirements
To instantiate Custom Allowed Rules in a WAF Rule Set, you must have:
- An edge firewall with the Web Application Firewall module activated.
- A configured WAF Rule Set.
Configuring a WAF Custom Allowed Rule
- Access Azion Console > WAF Rules in Edge Libraries.
- Create a new WAF Rule Set or select an existent one.
- Select the Allowed Rules tab.
- Click the + Allowed Rule button.
- Select the Rule ID you want to use.
- Check the list of all available internal rules.
- Type a description to explain the reason this rule was allowed.
- In the Match Zone Set section configure the behavior that should be used to allow a rule:
- In Path, configure the behavior that should be used to allow a rule. Example:
/api/v1/resources/*. - In Match Zones, select the part of the request to match such as headers, body, etc.
- According to the option, you could complete additional fields to add a specific value representing the match option and the matches for the value or the key name. Read more about Allowed Rules fields.
- If necessary, activate the Regex switch to treat conditional fields as regular expressions in all match zones.
- In Path, configure the behavior that should be used to allow a rule. Example:
- Enable the Status switch.
- Click the Save button.
- Access Real-Time Manager (RTM).
- Go to Products menu > WAF Rules in Edge Libraries.
- Create a new WAF Rule Set or select an existent one.
- Select the Allowed Rules tab.
- Click the Add Rule button.
- Select the Rule ID you want to use.
- Check the list of all available internal rules.
- In Reason, type a description to explain the reason this rule was allowed.
- In the Match Zone Set section configure the behavior that should be used to allow a rule:
- In Path, configure the behavior that should be used to allow a rule. Example:
/api/v1/resources/*. - In Match Zones, select the part of the request to match such as headers, body, etc.
- According to the option, you could complete additional fields to add a specific value representing the match option and the matches for the value or the key name. Read more about Allowed Rules fields.
- If necessary, activate the Regex switch to treat conditional fields as regular expressions in all match zones.
- In Path, configure the behavior that should be used to allow a rule. Example:
- Enable the Active switch.
- Click the Save button.
Contributors
