Applying an Action to a Protection Rule

1. Open the navigation menu  and select Identity & Security. Under Web Application Firewall, select Edge Policy Resources.

   The Policies list opens. All edge policies are listed in a table.

2. Select the Compartment from the list.

   All the edge policies in that compartment are listed in a table.

3. (Optional) Apply one or more of the following Filters to limit the edge policies displayed:
   • State
   • Name
   • Policy Type: Select Edge Policy.
4. Select the edge policy that you want to configure rule settings for.

   The edge policy's details page opens.

5. On the policy details page, under Edge policy, select Protection rules.
6. Select the Rules tab, and then find the protection rule you that want to apply an action to.
   Tip
   
   You can use the Rule ID to find a protection rule.
7. Select the Actions menu (three dots) for the rule and select one of the following options:
   • Detect: Matching requests generate an alert and the request is proxied.
   • Block: Matching requests are blocked.
   • Off: The rule is disabled.
   • Exclusions: Exclusions are set to specify the types of requests that are bypassed by the protection rule. If a request matches any of the set exclusions, the protection rule doesn't run for that request.
     1. In the Exclusions dialog box, enter the following criteria:
        • Exclusion: Select request cookie values, request cookie names, request parameters, or request parameter names.
        • Value: Enter the value for the selected exclusion.
     2. Select Save changes.

The protection rule action is added to the list to be published. For more information, see WAF Protection Rules.