Global WAF Rule

We already explained the five types of built-in rule sets in App WAF Rule.

But what if you want to add a custom WAF rule?

First, click the Global Config:

Then, click the Global WAF on the left-side navigation bar to enter the WAF Rule Set page.

This page already contains the five built-in rule sets. These read-only rule sets can neither be modified nor be deleted.

Click first the New Rule Set button to create your own WAF rule.

The WAF rules need to be written by yourself with Edgelang statements.

So you need to get familiar with Edgelang grammar and how to use waf-config in advance. More details can be found in this documentation: waf-mark-risk

In the simple example below, requests where uri is prefixed with /static/ will be intercepted by the WAF rule,

following the reject action, 403 is returned to the client-side.

In fact, Edgelang statements can help realize more sophisticated WAF rules.

Click the Submit button at the bottom right-hand corner, and the system will test and compile Edgelang statements. There will be prompts if something is wrong,

If not, they will be directly saved.

Now, a global WAF rule is successfully set.

If you proceed to create another or revise a App WAF Rule,

you will see the newly added WAF rule that is already in the WAF Rule Set dropdown list.