Custom Rules

Response: Protection Mode: Log Only¶

​​Menu "Plan List -> Configure Policy -> Select the corresponding WAF rule name in the Policy Group"​​
Enabling log-only mode for a trial run helps identify potential vulnerabilities in advance and allows for remediation. No blocking actions will be taken during this process.

In the log service, detailed data can be reviewed, and whitelisting can be performed with one click.

Response: Protection Mode: Enabled¶

​​● Menu "Plan List -> Configure Policy -> Select the corresponding WAF rule name in the Policy Group"​​
​​Blocking mode is enabled​​. For custom rules, rate-limiting rules, managed rules, configured conditional policies, and ​​OWASP​​ rule sets, blocking actions will be triggered when policies are violated.

In the log service, detailed data can be reviewed, and whitelisting can be performed with one click.

Response: Custom Rules¶

​​Menu "Plan List -> Configure Policy -> Policy Group -> Custom Rules"​​ (Advanced Edition Custom Rules)

​​Matching Criteria​​:
● Independent IP
● Hostname
● Request Header
● Cookie
● Query Parameters
● URI
● Country/Region
● X-Forwarded-For
● Request Source/Request Header
● UA
● Referer

Actions:
● Skip Rule ● Log Only ● Block ● Whitelist Rule ID

Recovery: One-Click Whitelisting¶

Whitelist with one click via logs: ​​Web Application Firewall 3.0 -> Log Service -- Click or search for the corresponding log ID​​

Recovery: Skip via Custom Rules¶

​​Web Application Firewall 3.0 -> Plan List -> Policy Group -> Custom Rules -> Add Rule​​. Use this to skip the three major rule sets.