Creating an Argument Rule

This section discusses creation of an Argument Rule.

In the New Argument Rule screen, do the following:

Procedure

Click the Rule Enabled toggle button to enable or disable the rule. The Rule is enabled by default.
Enter a Rule ID that is unique for this group.
Enter the rule Name.
Enter a Description for the rule.
Select one of the following:
- Use Policy Mode.
- Detection.
- Enforcement.
  For more information on choosing a mode, see Selecting a WAF Policy Mode.
Select a Paranoia Mode. For more information, see Selecting a Paranoia mode. This defines in which Paranoia mode (set by the overall policy) this rule gets executed.
Define the Match Elements as shown below:
1. Enter the Value Max Length to define the maximum length of the match value.
2. Enter a Match Value Pattern to identify the expression which describes the expected value. This value can be a string group or custom string. To know more about string groups, see String Groups Support.
3. Enable Arguments Case Sensitive, if required. This ensures that the match value has the same case as specified in the match value pattern.
Click Add Match Element and define the match elements as shown below:
1. In the field Name, select the variable collection. This is a dictionary of all parsed parts of the incoming request. If the match must happen on a POST argument, choose ARGS. The drop-down menu gives all available options.
2. Enter a Sub Element. This is the name of the element you are matching on. If the match should be on a parameter foo, then enter foo into the Sub Element field.
3. Select the Excluded check box, if you need to exclude the element mentioned under Name and Sub Element. This negates the match. Select Case Sensitive check box for a case-sensitive match.
4. Select the criteria to match from the Criteria drop-down menu. Criteria is the method for locating Match Element. Equals indicates that the provided Sub Element must be equal to the corresponding request parameter.
  
  Note:
  You can choose other methods. For example, the regular expression match interprets the Sub Element as a regular expression.
Click Save.