Global WAF Rule
We already explained the five types of built-in rule sets in App WAF Rule.
But what if you want to add a custom WAF rule?
First, click the Global Config
:
Then, click the Global WAF
on the left-side navigation bar to enter
the WAF Rule Set page.
This page already contains the five built-in rule sets. These read-only rule sets can neither be modified nor be deleted.
Click first the New Rule Set
button to create your own WAF rule.
The WAF rules need to be written by yourself with Edgelang statements.
So you need to get familiar with Edgelang grammar and how to use waf-config in advance. More details can be found in this documentation: waf-mark-risk
In the simple example below, requests where uri is prefixed with
/static/
will be intercepted by the WAF rule,
following the reject
action, 403 is returned to the client-side.
In fact, Edgelang statements can help realize more sophisticated WAF rules.
Click the Submit
button at the bottom right-hand corner, and the
system will test and compile Edgelang statements. There will be prompts
if something is wrong,
If not, they will be directly saved.
Now, a global WAF rule is successfully set.
If you proceed to create another or revise a App WAF Rule,
you will see the newly added WAF rule that is already in the WAF Rule Set dropdown list.