These known issues have been identified in Web Application Firewall.
Unable to add default origin to WAF policy created with the API
Details:
When creating a WAF policy using the API, if you do not specify a default origin, you cannot add the default origin later using the Console or API. This issue does not apply to policies created using the Console.
Workaround:
Delete the policy that was created without a default origin and create a new policy with the default origin specified.
TLS versions TLS_V1 and TLS_V1_1 have been deprecated 🔗
Details:
TLS versions TLS_V1 and TLS_V1_1 have been deprecated and cannot be used in policy configurations. If you use these versions, a validation might occur.
Workaround:
To work around this issue, update your policy configuration to use versions TLS_V1_2 or TLS_V1_3, or both.
Global DNS change will cause service disruption if new subnets are not whitelisted 🔗
Details:
Global DNS changes will be made for all Oracle Web Application Firewall (WAF) customers beginning in December 2019. All customers that have an origin lock-down (using an explicit IP whitelisting) and will not whitelist the new subnets will have downtime and service degradation.
Workaround:
(Action Required) Customers must whitelist the new subnets to avoid service disruption. For the API documentation, see ListEdgeSubnets.