This section discusses Creating an Argument Rule
In the New Argument Rule screen, do the following:
- Click on the Rule Enabled toggle button to enable/disable the rule. The rule is enabled by default. The Rule Enabled option is enabled by default
- Enter a unique Rule ID.
- Enter the rule Name.
- Enter a Description for the rule.
- Select a mode:
- Use Policy Mode: When Detection or Enforcement can not be applied, the policy mode is used. For the policy mode to take effect, the WAF policy should allow delegation.
- Detection: WAF rules will be processed but HTTP transactions will not be intercepted. Any rule configured to intercept HTTP transactions will be bypassed.
- Enforcement Mode: WAF rules are processed and HTTP transactions intercepted, as per the rules configured.
- WAF Ruleset paranoia mode is available to select Rules based on the paranoia-level. Creating Paranoia level to the rule is optional. It is recommended to leave the paranoia level value at 1.
- Define the Match Elements as shown below:
- Enter the Value Max Length to define the maximum length of the match value.
- Enter a Match Value Pattern to identify the expression which describes the expected value. To know more about Match Value Pattern refer to String Groups Support.
- Enable Arguments Case Sensitive, if required. This will ensure the match value has the same case as specified in the match value pattern.
- Click on Add Match Element and define the match elements as shown below:
- In the field Name, select the variable specification.
- Enter a Sub Element.
- Click on Excluded, if required. Use this option to Exclude, the element mentioned under Name and Sub Element.
The New Argument Rule screen is as below:
- Click on Save.