Custom Headers

Describes how to configure custom headers for the origins for an edge policy.

Use custom headers to help validate that the requests made to your origin were sent from the edge. Custom headers let you configure your origin to only allow requests that contain the custom header values that you specify.

Using the Console

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the edge policies displayed:
    • State

    • Name

    • Policy Type: Select Edge Policy.

  4. Click the name of the edge policy where you want to configure custom headers for the origins. The Details page of the edge policy you selected appears.
  5. Click Settings under WAF Policy.

    The Settings list appears.

  6. Click the Origin Settings tab.
  7. Click Edit.
    The Origin Management Settings dialog box appears.
    Note

    The Edit option is available when the policy status is ACTIVE, and isn't available when the status is UPDATING.
  8. Scroll to the bottom of the dialog box and click Show Advanced Options.

    The Custom Headers section appears.

  9. Enter the Header Name and Header Value.

    Click + Additional Header to add another custom header row for you to complete. Click X to remove an associated header row.

  10. Click Save Changes.
Publish your changes for them to take effect. See Publishing Changes.

Was this article helpful?