This section discusses Creating an Argument Rule

In the New Argument Rule screen, do the following:

Procedure

  1. Click on the Rule Enabled toggle button to enable/disable the rule. The rule is enabled by default. The Rule Enabled option is enabled by default
  2. Enter a unique Rule ID.
  3. Enter the rule Name.
  4. Enter a Description for the rule.
  5. Select a mode:
    1. Use Policy Mode: When Detection or Enforcement can not be applied, the policy mode is used. For the policy mode to take effect, the WAF policy should allow delegation.
    2. Detection: WAF rules will be processed but HTTP transactions will not be intercepted. Any rule configured to intercept HTTP transactions will be bypassed.
    3. Enforcement Mode: WAF rules are processed and HTTP transactions intercepted, as per the rules configured.
  6. WAF Ruleset paranoia mode is available to select Rules based on the paranoia-level. Creating Paranoia level to the rule is optional. It is recommended to leave the paranoia level value at 1.
  7. Define the Match Elements as shown below:
    1. Enter the Value Max Length to define the maximum length of the match value.
    2. Enter a Match Value Pattern to identify the expression which describes the expected value. To know more about Match Value Pattern refer to String Groups Support.
    3. Enable Arguments Case Sensitive, if required. This will ensure the match value has the same case as specified in the match value pattern.
  8. Click on Add Match Element and define the match elements as shown below:
    1. In the field Name, select the variable specification.
    2. Enter a Sub Element.
    3. Click on Excluded, if required. Use this option to Exclude, the element mentioned under Name and Sub Element.


      The New Argument Rule screen is as below:



  9. Click on Save.