Contact UsGet started
© 2024 Iron Hive LLC Belgrade

Adding a WAF exclusion rule

Written by
Updated at September 3, 2024
  1. In the management console, select the folder the WAF profile is in.
  2. In the list of services, select Smart Web Security.
  3. In the left-hand panel, select WAF profiles.
  4. Select the profile you want to add an exclusion rule to.
  5. In the left-hand menu, go to the Exclusion rules tab and click Create exception rule. In the window that opens:

    1. Name the exclusion rule.

    2. (optional) Enter a description.

    3. (Optional) Enable Write logs to log exception rule triggering.

    4. Under Scope of use, select rules from the basic set for which the exclusion will be valid:

      • All rules: Exclusion will be valid for all rules.

      • Selected rules: Exclusion will be valid for the selected rules.

        Click Add rules to select rules from the basic set.

    5. Under Traffic conditions, specify which traffic the rule will be used to analyze:

      • All traffic: The rule will be used to analyze the whole traffic.

      • Conditional: The rule will be used to analyze the traffic specified in the Conditions field:

        • IP: IP address, IP address range, or IP address region.
        • HTTP header: HTTP header string.
        • HTTP body: String in the HTTP body.
        • Request URI: Request path.
        • Host: Domain receiving the request.
        • HTTP method: Request method.
        • Cookie: Cookie header string.

        You can set multiple conditions of the same type. To do this, select all the condition types you need in the Conditions field.

        You can also set multiple conditions of the same type at the same time. To do this, click and or or in the section with the condition you need.

        To delete a condition, click .

    6. Click Create.

See also

Previous
Configuring a basic rule set
Next
Updating an exclusion rule