Examples

Bypassing WAF when there is a match :

• The request comes from a specific IP range.

  or

• The request matches the URL pattern specified using the HTTP Method match type.

Use cases

• Allow access from the internal network.

• A security scanner that scans the application directly bypassing WAF protection.

• Do not check special parts of the URL space, for example “/upload/*”.

• Run parts of the application in Detection mode.