Skip to content

How to Set Path Based Upload Limitation in TR7 WAF?

About

How to Set Path-Based Upload Limitation?

On TR7, if a request to a vService with active WAF protection is not in JSON, XML, or Form format and includes a body, it is subject to TR7 WAF rules under the RAW section. Additionally, if "Block Invalid JSON, XML, Form Contents" options are not enabled, and unparseable content is sent in these formats, such content will also be handled under RAW WAF rules. If it needs to be blocked, it will be blocked based on rules in the RAW section.

For these reasons, upload limitations on TR7 are configured within the RAW section.

Interface

Upload Limitation

Step > 1

First, open the WAF Management screen of the related vService by following "Monitor Mode > Relevant vService > WAF Management" steps. In the opened screen, open the rules for the relevant Host Group.

Step > 2

To control the upload limit, add a new path and click the "Raw" tab. Since no RAW control is applied on the added path by default, "Rule Source" appears as any path. By default, the maximum body size is limited to 65536 bytes. Click the "Add common rule for Raw" button to modify this limit as needed.