How to Access the WAF Rules Created After the Analysis Process? What Should Be Taken Into Consideration?

Step > 1

First, open the WAF Management screen for the related vService. Follow the steps "Monitor Mode > Related vService > WAF Management".

Step > 2

Click the pencil icon under the relevant host group to access the generated rules.

On this screen, control fields, argument validations, and exceptions for each path can be reviewed in detail. Unwanted paths can be removed, or manual rules can be created for new paths.

While reviewing the site map, control fields defined for the relevant "path" should be carefully examined. Fields like "Query, Header, JSON, XML, Form, RAW" and their contents must be verified. For instance, exception definitions can be removed, and the rules can be refined based on logs received during the Monitor Mode. Additionally, if too many arguments are allowed for certain paths, those limits can be reconfigured.