Applying an Action to a Protection Rule

Use the Web Application Firewall Edge policies to apply an action to a protection rule.

Using the Console

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.
  2. On the Policies page, select the compartment that contains the policy.
  3. (Optional) Filter the listed policies by name, state (status), policy type (Edge policy), or creation date.
  4. Click the name of the Edge policy that you want to configure rule settings for. 
  5. On the policy details page, under Edge policy, click Protection rules.
  6. Click the Rules tab, and then find the protection rule you that want to apply an action to.
    Tip

    You can use the Rule ID to find a protection rule.
  7. Click the Actions menu (Actions Menu) for the rule and select one of the following options:
    • Detect: Matching requests generate an alert and the request is proxied.
    • Block: Matching requests are blocked.
    • Off: The rule is disabled.
    • Exclusions: Exclusions are set to specify the types of requests that are bypassed by the protection rule. If a request matches any of the set exclusions, the protection rule doesn't run for that request.
      1. In the Exclusions dialog box, enter the following criteria:
        • Exclusion: Select request cookie values, request cookie names, request parameters, or request parameter names.
        • Value: Enter the value for the selected exclusion.
      2. Click Save changes.

The protection rule action is added to the list to be published. For more information, see WAF Protection Rules.