Skip to content

TR7 Does WAF Block Static Content? What Should be Done to Exclude Static Content from WAF?

About

What is Static Content?

Static content in an HTTP request refers to files that are pre-existing on the server and sent directly to the client without requiring any processing. These files are generally the same for each client. In contrast, dynamic content refers to content that is generated differently for each client by the server. For example, an HTML page that needs to be dynamically generated with different content for each client is considered dynamic content.

Static content typically includes files such as: html, css, images, videos, audio files, documents, etc.

Interface

Exclude Static Content from WAF

Step > 1

To configure static content on TR7 WAF, first, open the WAF Management screen for the relevant vService. Follow "Monitor Mode > Related vService > WAF Management". Then, click the pencil icon next to "Checks".

Step > 2

By default, static content is not checked by TR7 WAF. Enabling WAF inspection for static content may reduce system performance, cause unnecessary load, and lead to false positives. However, if desired, static content can be included under WAF rules by changing "Do not WAF Static Contents" to disabled.