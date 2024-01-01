WAF Rule Exclusions
WAF rule exclusions provide a flexible way to handle false positives, allowing specific variables, rules, and the entire WAF to be excluded on a per request basis. You can configure up to 300 WAF exclusions and each exclusion of type
rule can have up to 30 rules associated with it.
Data model
id
|string
|Alphanumeric string identifying a WAF rule revision. Read-only.
message
|string
|Message metadata for the rule. Read-only.
modsec_rule_id
|integer
|Corresponding ModSecurity rule ID. Read-only.
paranoia_level
|integer
|Paranoia level for the rule. Read-only.
publisher
|string
|Rule publisher. Read-only.
revision
|integer
|Revision number.
severity
|integer
|Severity metadata for the rule. Read-only.
source
|string
|The ModSecurity rule logic. Read-only.
state
|string
|The state, indicating if the revision is the most recent version of the rule. Read-only.
type
|string
|The rule's type. Read-only.
vcl
|string
|The VCL representation of the rule logic. Read-only.
waf_rule_revisions
|object
waf_rules
|object
condition
|string
|A conditional expression in VCL used to determine if the condition is met.
exclusion_type
|string
|The type of exclusion.
logging
|boolean
|Whether to generate a log upon matching. [Default
true]
name
|string
|Name of the exclusion.
number
|integer
|A numeric ID identifying a WAF exclusion.
relationships.waf_rule_revisions.id
|string
|Alphanumeric string identifying a WAF rule revision.
relationships.waf_rules.id
|string
|Alphanumeric string identifying a WAF rule.
variable
|string
|The variable to exclude. An optional selector can be specified after the variable separated by a colon (
:) to restrict the variable to a particular parameter. Required for
exclusion_type=variable.
created_at
|string
|Date and time in ISO 8601 format. Read-only.
deleted_at
|string
|Date and time in ISO 8601 format. Read-only.
updated_at
|string
|Date and time in ISO 8601 format. Read-only.
Endpoints
GET/waf/firewalls/
firewall_id/versions/
firewall_version_number/exclusions
POST/waf/firewalls/
firewall_id/versions/
firewall_version_number/exclusions
GET/waf/firewalls/
firewall_id/versions/
firewall_version_number/exclusions/
exclusion_number
DELETE/waf/firewalls/
firewall_id/versions/
firewall_version_number/exclusions/
exclusion_number
