Request Protection Rules Management

Provides an overview of the request protection rules for a Web application firewall (WAF) policy, including their creation, updating, and deletion.

Request protection rules check HTTP requests for malicious content and return a defined HTTP response.

Adding Request Protection Rules

Describes how to add a request protection rule to a WAF policy.

To add a request protection rule using the Console

Describes how to add a request protection rule to a WAF policy using the OCI Console.

  1. Open the navigation menu and click Identity & Security. Under Web Application Firewall, click Policies.

    Alternatively, open the Web Application Firewall page and click Policies under Resources.

    The WAF Policies page appears.

  2. Select the Compartment from the list.

    All the WAF policies in that compartment are listed in tabular form.

  3. (Optional) Apply one or more of the following Filters to limit the WAF policies displayed:
    • State

    • Name

    • Policy Type: Select WAF Policy.

  4. Select the WAF policy to which you want to add a request protection rule.
    The WAF Policy Details dialog box appears.
  5. Click Protections under Resources.

    The Protections list appears.

  6. Select the Request Protection Rules tab.
  7. Click Manage Request Protection Rules.

    The Manage Request Protection Rules dialog box appears.

  8. Click Add Request Protection Rule.

    The Add Request Protection Rule dialog box appears.

    Complete the following:

    • Name: Enter the name of the request protection rule.

    • Conditions: Specify the prerequisite conditions that need to be met for the rule action to occur. See Understanding Conditions for more information on how to author the conditions for your access rule.

    • Rule Action: Select an existing rule to be followed when the preceding conditions are met, or select Create New Action to add one. See Actions Management for more information.

    • Protection Capabilities list: Displays all protection capabilities associated with the protection rule and their information. This information includes the key number, the capability name, collaborative status, any applied tags, and the action used.

      Note

      Protection capabilities are not necessarily run in the order they are listed here.

      Click Choose Protection Capabilities to open the Choose Protection Capabilities dialog box. Complete the following:
      • Filter by Tags: Select one or more filters to limit the protection capabilities displayed.

      • Filter by Version: Select one or more versions to limit the protection capabilities displayed.

      • Reset All Filters: Click to remove all user-inputted filters.

      • Protections list: Check each protection that you want to apply to the rule.

      Click Choose Protection Capabilities to apply the protections you selected to the rule. The Choose Protection Capabilities dialog box closes.
      Click the Actions icon for a protection capability entry and select any of the following commands:
      • View and Edit Protection Capability Settings: Click to open the View and Edit Protection Capability Settings dialog box. Here you can view setting information such as allowed HTTP methods, header information, and argument information.

        Click Edit to update the following settings:
        • Allowed HTTP Methods: Select the HTTP methods allowed by the protection capability 911100: Restrict HTTP Request Methods.

        • Maximum HTTP Request Header Length: Enter the maximum header length allowed in an HTTP request by the protection capability 9200024: Limit length of request header size.

        • Maximum HTTP Request Headers: Enter the maximum number of headers allowed in an HTTP request by the protection capability 9200014: Limit Number of Request Headers.

        • Maximum Number of Arguments: Enter the maximum number of arguments allowed by the protection capability 920380: Number of Arguments Limits.

        • Maximum Single Argument Length: Enter the maximum argument length allowed by the protection capability 920370: Limit argument value length.

        • Maximum Total Argument Length: Enter the maximum total combined length of all arguments allowed by the protection capability 920390: Limit arguments total length.

        Click Save Changes. The View and Edit Protection Capability Settings dialog box closes and your updates are saved.
      • Change Action: Check one or more protections from the list and click Change Action to open the Change Action dialog box. Here you can select a different action for the protection capabilities you selected. See Actions Management for more information.

      • Delete: Check one or more protections from the list and click Delete. Confirm the deletions when prompted. All the protections you checked are now deleted.

    For each entry in the Protection Capabilities list, you can select the following from the Actions icon:

    • View Details: Opens the Capability Details dialog box. Here you can view the name, description, version, and collaborative status of the protection capability.

    • Change Action: Opens the Change Action dialog box. Here you can select a different action for the protection capability. See Actions Management for more information.

    • Exclusions: Opens the Exclusions dialog box. Here you can specify the types of request that the protection rules bypass. If a request matches any of the set exclusions, the protection rules are run for that request. Select the type and corresponding value for each exclusion entry. Click +Additional Exclusion to add another exclusion to the protection capability. Click X to delete an exclusion. Click Save Changes when done.

    • Override Weight and Threshold: Opens the Override Weight and Threshold dialog box. Here you can view the Default Collaborative Capability Weight and Default Collaborative Capability Threshold information. Check Override weights and threshold to override any of the default values. Click Save Changes.

  9. Click Add Request Protection Rule.

    The Add Request Protection Rule dialog box closes and the request protection rule you added is included in the Request Protection Rules list.

  10. Click Save Changes in the Manage Request Protection Rules dialog box.

The rule you created appears in the list of request protection rules and is available for use.
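
Before saving new values for the six capability settings in step 8, it helps to see which capability each limit would trigger on traffic you already consider legitimate. The following Python sketch is an added example, not Oracle code and not how the WAF evaluates requests internally: it replays constructed sample requests against proposed limits and counts matches per capability key. The setting values, the sample requests, the function names, and the way lengths are measured are assumptions.

```python
from urllib.parse import parse_qsl

# Proposed values for the six settings in step 8 (constructed, not OCI defaults).
SETTINGS = {
    "allowed_methods": {"GET", "HEAD", "POST"},
    "max_header_length": 8000,
    "max_headers": 25,
    "max_args": 255,
    "max_arg_length": 400,
    "max_total_arg_length": 64000,
}

def evaluate(method, headers, query, settings=SETTINGS):
    """Return the capability keys whose limit this request would exceed."""
    # Assumption: header length = name + value; argument length = decoded value.
    args = parse_qsl(query, keep_blank_values=True)
    hits = []
    if method.upper() not in settings["allowed_methods"]:
        hits.append("911100")
    if any(len(n) + len(v) > settings["max_header_length"] for n, v in headers):
        hits.append("9200024")
    if len(headers) > settings["max_headers"]:
        hits.append("9200014")
    if len(args) > settings["max_args"]:
        hits.append("920380")
    if any(len(v) > settings["max_arg_length"] for _, v in args):
        hits.append("920370")
    if sum(len(v) for _, v in args) > settings["max_total_arg_length"]:
        hits.append("920390")
    return hits

def dry_run(requests, settings=SETTINGS):
    """Count, per capability key, how many sample requests would match."""
    counts = {}
    for method, headers, query in requests:
        for key in evaluate(method, headers, query, settings):
            counts[key] = counts.get(key, 0) + 1
    return counts

# Constructed sample traffic: (method, [(header, value), ...], query string).
SAMPLE = [
    ("GET", [("Host", "app.example.com")], "q=shoes&page=2"),
    ("PUT", [("Host", "app.example.com")], "id=7"),
    ("POST", [("Host", "app.example.com")], "comment=" + "a" * 500),
    ("GET", [("Host", "app.example.com")] + [("X-Pad-%d" % i, "1") for i in range(30)], ""),
]

if __name__ == "__main__":
    print(dry_run(SAMPLE))
```

A non-zero count for a key on known-good traffic means that limit, combined with a blocking action, would reject legitimate requests.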

Listing Request Protection Rules

Describes how to display a list of request protection rules contained within a WAF policy.

To list the request protection rules using the Console

Getting Request Protection Rule Details

Describes how to get the details of a request protection rule contained within a WAF policy.

To get the details of a request protection rule using the Console

Editing Request Protection Rules

Describes how to edit a request protection rule contained within a WAF policy using the OCI Console.

To edit a request protection rule using the Console

Deleting Request Protection Rules

Describes how to delete a request protection rule from a WAF policy.

To delete a request protection rule using the Console