Path-Based Rules

TR7 WAF Operating Principle

The operating principle of TR7 WAF involves initially checking whether the incoming request matches the Full Path. If a match is found, it proceeds according to the rules of the relevant domain. For example, if it matches with "Query" within the Full Path, it follows the rules specific to that. If it cannot find "Query" within the Full Path, it first checks the Query in the Glob Path (checking all Glob Paths before defaulting), and finally, it follows the rules in the Query section of the Default rules.

This principle also applies in the scenario where the incoming request initially doesn't match the Full Path. In such cases, it checks in the Glob Path. If there's no match in the Glob Path, it performs necessary checks based on the rules within the Default Rules.

In the sequence described above, assuming there are 10 Glob Paths between the Full Path and All Paths, the order would be as follows;

First, it checks All Paths in the same way, and if there's no match, it checks all 10 defined Glob Paths. If a match still cannot be found, it is subjected to the rules of All Paths (Default Rules).

TR7 WAF Flow Diagram

What is the TR7 WAF Operating Diagram?

When a request cannot match in the Full Path but reaches the Glob Path, after checking all possible Glob Paths where it could match (if not found in Glob Paths), it proceeds to check in All Paths (Default).