Adding an Access Rule to an Edge Policy

• Console
• CLI
• API

• 1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.
  2. On the Policies page, select the compartment that contains the policy.
  3. (Optional) Filter the listed policies by name, state (status), policy type (Edge policy), or creation date.
  4. Click the name of the Edge policy to which you want to add an access rule.
  5. On the policy details page, under Edge policy, click Access control.
  6. Click the Access rules tab.
     The Access rules list appears. For more information, see Access Rules for Edge Policies.
  7. Click Add access rule.
  8. Provide the following information:
     • Name: Enter a name for the access rule.
     • Action: Select one of the following options to determine the response to a request when the rule is matched:
       • Log and allow: A log is created for all matched requests and no further action is taken.
       • Detect only: A detection alert is created for all matched requests and no further action is taken.
       • Block: All matched requests are blocked and a browser page for the selected response code is returned.
         • Block action: Select the action that's taken when a matching request is blocked.
         • Block response code: Select a response code that's returned when the request has been blocked. The response code provides information indicating why the request was blocked. The default response code is 403 Forbidden.
       • Redirect: All matched requests are redirected. Complete the following options:
         • Redirect status code: Select the status code returned in response to redirect requests from the list.
         • Redirect URL: Enter the URL address to redirect the request to.
       • Bypass: Select one or more challenges to bypass. If you don't specify a challenge, all challenges are bypassed.
       • Show CAPTCHA: Select this option to show a CAPTCHA for all matched requests and take no further action. Enter the following information:
         • CAPTCHA title: Enter the text for the CAPTCHA page title.
         • CAPTCHA header: Enter the text that appears before the CAPTCHA image (for example, "I am not a robot").
         • CAPTCHA footer text: Enter the text to display after the CAPTCHA input box and before the submit button.
         • CAPTCHA submit button: Enter the text for the Submit button (for example, "Yes, I am human.").
     • Conditions: Select the condition that must be met before the rule is matched and specify the details of the condition. Click +Additional condition to add other conditions.
     • Header manipulation(s): Complete the following information:
       • Action: Select the action to apply to the request.
       • Header name: Enter the HTTP header name of the request.
       • Header value: Enter the HTTP header value of the request.
  9. Click Add access rule.

     The access rule is added to the list.

     For changes to take effect, you must publish them. See Publishing Changes.

• Enter the following command and required parameters.

  oci waas access-rule update --waas-policy-id waas_policy_ocid --access-rules access_rules [OPTIONS]

  The access-rules value is a complex type whose value must be valid JSON. The value can be provided as a string on the command line or passed in as a file using the file://path/to/file syntax.

  Create an access rule by adding a new access rule object to the list without a key property specified. A key is generated for the new access rule upon update.

  See the CLI online help for a list of optional parameters:

  oci waas access-rule update --help

  See the Oracle Cloud Infrastructure documentation for a complete description of the oci waas access-rule update command.

• Use the UpdateAccessRules operation to add an address rule using the API.

  Create an access rule by adding a new access rule object to the list without a key property specified. A key is generated for the new access rule upon update.