Response Control Management

Describes response control for a WAF policy. The topic also describes how to manage its features and functionality.

The response control manages the inspection of HTTP response properties and the return a defined HTTP response.

Manage the response control through the Access Control resource of the WAF policy. Here you can do the following response control tasks:

  • View access rules and their properties.
  • Add and manage access rules, including editing, reordering, and deleting them.

Adding Access Rules to Response Controls

Describes how to add an access rule to a response control contained in a WAF policy.

To add an access rule to a response control using the Console

Describes how to add an access rule to a response control contained in a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy to which you want to add an access rule to a response control.
    The WAF Policy Details dialog box appears.
  5. Click Access Control under Resources.

    The Access Control list appears.

  6. Select the Response Control tab.
  7. Click Manage Response Control.

    The Manage Response Control dialog box appears.

  8. Click Add Access Rule.

    The Add Access Rule dialog box appears.

    Complete the following:

    • Name: Enter the name of the access rule.

    • Conditions: Specify the prerequisite conditions that need to be met for the rule action to occur.

    • Rule Action: Select an existing rule to be followed when the preceding conditions are met, or select Create New Action to add one.

      • Pre-configured Check Action: Allows the running of rules and generates a log message documenting the result.

      • Pre-configured Allow Action: Skips all remaining rules in the current module.

      • Pre-configured 401 Response Code Action: Returns a defined HTTP response. The response code configuration (headers and response page body) determines the HTTP response that is returned when this action is run.

        Click Show Header Details to display the HTTP response headers specified in the selected Return HTTP response action.

        Click Show Response Page Body Details to display the HTTP response body specified in the selected "Return HTTP response" action.

      See Actions Management for a complete description and explanation of how to use actions in a WAF policy.

    The access rule you created is added to the list of rules and is available for use.

  9. Click Add Access Rule.

    The Add Access Rule dialog box closes.

  10. Click Save Changes in the Manage Response Control dialog box.

The rule you created appears in the list of access rules for the response control and is available for use.

Listing Access Rules for Response Controls

Describes how to display a list of response control rules contained within a WAF policy.

To list the access rules for a response control using the Console

Getting Access Rule Details for Response Controls

Describes how to get the details of an access rule for a response control contained within a WAF policy.

To get the details of an access rule for a response control using the Console

Editing Access Rules for Response Controls

Describes how to edit an access rule for a response control contained within a WAF policy using the OCI Console.

To edit an access rule for a response control using the Console

Describes how to edit an access rule for a response control contained within a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy whose access rule for a response control you want to edit.
    The WAF Policy Details dialog box appears.
  5. Click Access Control under Resources.

    The Access Control list appears.

  6. Select the Response Control tab.
  7. Click Manage Response Control.

    The Manage Response Control dialog box appears.

  8. Click Edit next to the access rule you want to edit.

    The Edit Access Rule dialog box appears.

  9. Edit the access rule settings. See Adding Access Rules to Response Controls for descriptions of each setting.
  10. Click Save Changes.

    The Edit Access Rule dialog box closes.

  11. Click Save Changes in the Manage Request Control dialog box.

The updates you made are present in the details of the access rule.

Changing Actions for Response Control Access Rules

Describes how to change the action for one or more selected access rules for the WAF policy's response control.

To change the actions for response control access rules using the Console

Describes how to change the action for one or more selected access rules for the WAF policy's response control using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy whose response control access rule actions you want to change.
    The WAF Policy Details dialog box appears.
  5. Click Access Control under Resources.

    The Access Control list appears.

  6. Select the Response Control tab.
  7. Click Manage Response Control.

    The Manage Response Control dialog box appears.

  8. Check one or more entries in the Access Rules list whose actions you want to change.
    Note

    You must select at least one access rule entry in the list to use this command.

  9. Click Change Action.

    The Change Action dialog box appears.

  10. Select the action you want to update the selected access rules to use from the list. See Actions Management for more information.
  11. Click Change Action.
    The Change Action dialog box closes.
  12. Click Save Changes in the Manage Request Control dialog box.

Those access rules you selected are updated to use the action you specified.

Reordering Response Control Access Rules

Describes how to reorder the access rules for a WAF policy's response control.

To reorder the access rules for a response control using the Console

Describes how to reorder the access rules for the WAF policy's response control using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy whose response control access rules you want to reorder.
    The WAF Policy Details dialog box appears.
  5. Click Access Control under Resources.

    The Access Control list appears.

  6. Select the Response Control tab.
  7. Click Manage Response Control.

    The Manage Response Control dialog box appears.

    If there are multiple access rules listed, each has a Reorder menu included under Change Order.

  8. Click the Reorder menu and select the appropriate command, such as Move Up or Move to Bottom, to reorder the access rule. Repeat this step for each access rule you want to reorder. The access rules run in the order they appear in this list.
  9. Click Save Changes in the Manage Response Control dialog box.

The access rules you reordered are updated in the WAF policy's response control.

Deleting Access Rules from Response Controls

Describes how to delete an access rule from the response control contained within a WAF policy.

To delete an access rule from a response control using the Console

Describes how to delete an access rule from the response control contained within a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy whose access rule for a response control you want to delete.
    The WAF Policy Details dialog box appears.
  5. Click Access Control under Resources.

    The Access Control list appears.

  6. Select the Response Control tab.
  7. Click Manage Response Control.

    The Manage Response Control dialog box appears.

  8. Check one or more access rules that you want to delete and click Delete.
  9. Confirm the deletion when prompted.
  10. Click Save Changes in the Manage Request Control dialog box.

The list of access rules reappears without the access rules you deleted.