Oracle Cloud Infrastructure Documentation

Adding a Web Application Firewall Action

Add an action to a web application firewall (WAF) policy.

Using the Console

  1. On the Policies page, select the compartment that contains the policy.
  2. (Optional) Filter the listed policies by name, status, policy type (WAF policy), or creation date.
  3. Click the name of the WAF policy to which you want to add an action.
  4. On the policy details page, under Policy, click Actions.
  5. Click Manage actions.
  6. In the Manage actions dialog box, click Add action.
  7. In the Add action dialog box, complete the options as follows:

    • Action name: Enter a name for the action.

    • Action type: Specify the action type:
      • Allow: Skips all remaining rules in the current module.
      • Check: Doesn't stop the running of rules. Instead it generates a log message that documents the result of running the rules.
      • Return HTTP response: Returns a defined HTTP response.

        If you select this type, then provide the following values:

    • Response code: Select the HTTP response.

    • Headers: Enter optional header information:

      • Header name: Enter the name of the header.

        Header value: Enter the associated value of the header.

        Click + Another header to display another header row where you can enter a header name and value pair. Click X to delete the associated header row.

    • Response page body: Enter the HTTP response body, for example a JSON error response:
      {"code":"403","message":"Forbidden"}
  8. Click Add action.
  9. In the Manage actions dialog box, click Save changes.