config waf profile
Description: Web application firewall configuration.
edit <name>
set external [disable|enable]
set extended-log [enable|disable]
config signature
Description: WAF signatures.
config main-class
Description: Main signature class.
edit <id>
set status [enable|disable]
set action [allow|block|...]
set log [enable|disable]
set severity [high|medium|...]
next
end
set disabled-sub-class <id1>, <id2>, ...
set disabled-signature <id1>, <id2>, ...
set credit-card-detection-threshold {integer}
config custom-signature
Description: Custom signature.
edit <name>
set status [enable|disable]
set action [allow|block|...]
set log [enable|disable]
set severity [high|medium|...]
set direction [request|response]
set case-sensitivity [disable|enable]
set pattern {string}
set target {option1}, {option2}, ...
next
end
end
config constraint
Description: WAF HTTP protocol restrictions.
config header-length
Description: HTTP header length in request.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config content-length
Description: HTTP content length in request.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config param-length
Description: Maximum length of parameter in URL, HTTP POST request or HTTP body.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config line-length
Description: HTTP line length in request.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config url-param-length
Description: Maximum length of parameter in URL.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config version
Description: Enable/disable HTTP version check.
set status [enable|disable]
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config method
Description: Enable/disable HTTP method check.
set status [enable|disable]
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config hostname
Description: Enable/disable hostname check.
set status [enable|disable]
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config malformed
Description: Enable/disable malformed HTTP request check.
set status [enable|disable]
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config max-cookie
Description: Maximum number of cookies in HTTP request.
set status [enable|disable]
set max-cookie {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config max-header-line
Description: Maximum number of HTTP header line.
set status [enable|disable]
set max-header-line {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config max-url-param
Description: Maximum number of parameters in URL.
set status [enable|disable]
set max-url-param {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config max-range-segment
Description: Maximum number of range segments in HTTP range line.
set status [enable|disable]
set max-range-segment {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config exception
Description: HTTP constraint exception.
edit <id>
set pattern {string}
set regex [enable|disable]
set address {string}
set header-length [enable|disable]
set content-length [enable|disable]
set param-length [enable|disable]
set line-length [enable|disable]
set url-param-length [enable|disable]
set version [enable|disable]
set method [enable|disable]
set hostname [enable|disable]
set malformed [enable|disable]
set max-cookie [enable|disable]
set max-header-line [enable|disable]
set max-url-param [enable|disable]
set max-range-segment [enable|disable]
next
end
end
config method
Description: Method restriction.
set status [enable|disable]
set log [enable|disable]
set severity [high|medium|...]
set default-allowed-methods {option1}, {option2}, ...
config method-policy
Description: HTTP method policy.
edit <id>
set pattern {string}
set regex [enable|disable]
set address {string}
set allowed-methods {option1}, {option2}, ...
next
end
end
config address-list
Description: Black address list and white address list.
set status [enable|disable]
set blocked-log [enable|disable]
set severity [high|medium|...]
set trusted-address <name1>, <name2>, ...
set blocked-address <name1>, <name2>, ...
end
config url-access
Description: URL access list
edit <id>
set address {string}
set action [bypass|permit|...]
set log [enable|disable]
set severity [high|medium|...]
config access-pattern
Description: URL access pattern.
edit <id>
set srcaddr {string}
set pattern {string}
set regex [enable|disable]
set negate [enable|disable]
next
end
next
end
set comment {var-string}
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
external | Disable/Enable external HTTP Inspection. disable: Disable external inspection. enable: Enable external inspection. |
option | - |
extended-log | Enable/disable extended logging. enable: Enable setting. disable: Disable setting. |
option | - |
comment | Comment. | var-string | Maximum length: 1023 |
Parameter Name | Description | Type | Size |
---|---|---|---|
disabled-sub-class <id> |
Disabled signature subclasses. Signature subclass ID. |
integer | Minimum value: 0 Maximum value: 4294967295 |
disabled-signature <id> |
Disabled signatures Signature ID. |
integer | Minimum value: 0 Maximum value: 4294967295 |
credit-card-detection-threshold | The minimum number of Credit cards to detect violation. | integer | Minimum value: 0 Maximum value: 128 |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. erase: Erase credit card numbers. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. erase: Erase credit card numbers. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
direction | Traffic direction. request: Match HTTP request. response: Match HTTP response. |
option | - |
case-sensitivity | Case sensitivity in pattern. disable: Case insensitive in pattern. enable: Case sensitive in pattern. |
option | - |
pattern | Match pattern. | string | Maximum length: 511 |
target | Match HTTP target. arg: HTTP arguments. arg-name: Names of HTTP arguments. req-body: HTTP request body. req-cookie: HTTP request cookies. req-cookie-name: HTTP request cookie names. req-filename: HTTP request file name. req-header: HTTP request headers. req-header-name: HTTP request header names. req-raw-uri: Raw URI of HTTP request. req-uri: URI of HTTP request. resp-body: HTTP response body. resp-hdr: HTTP response headers. resp-status: HTTP response status. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Length of HTTP header in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Length of HTTP content in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Maximum length of parameter in URL, HTTP POST request or HTTP body in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Length of HTTP line in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Maximum length of URL parameter in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity medium: medium severity low: low severity |
option | - |
default-allowed-methods | Methods. get: HTTP GET method. post: HTTP POST method. put: HTTP PUT method. head: HTTP HEAD method. connect: HTTP CONNECT method. trace: HTTP TRACE method. options: HTTP OPTIONS method. delete: HTTP DELETE method. others: Other HTTP methods. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
max-cookie | Maximum number of cookies in HTTP request (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
max-header-line | Maximum number HTTP header lines (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
max-url-param | Maximum number of parameters in URL (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
max-range-segment | Maximum number of range segments in HTTP range line (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
pattern | URL pattern. | string | Maximum length: 511 |
regex | Enable/disable regular expression based pattern match. enable: Enable setting. disable: Disable setting. |
option | - |
address | Host address. | string | Maximum length: 79 |
header-length | HTTP header length in request. enable: Enable setting. disable: Disable setting. |
option | - |
content-length | HTTP content length in request. enable: Enable setting. disable: Disable setting. |
option | - |
param-length | Maximum length of parameter in URL, HTTP POST request or HTTP body. enable: Enable setting. disable: Disable setting. |
option | - |
line-length | HTTP line length in request. enable: Enable setting. disable: Disable setting. |
option | - |
url-param-length | Maximum length of parameter in URL. enable: Enable setting. disable: Disable setting. |
option | - |
version | Enable/disable HTTP version check. enable: Enable setting. disable: Disable setting. |
option | - |
method | Enable/disable HTTP method check. enable: Enable setting. disable: Disable setting. |
option | - |
hostname | Enable/disable hostname check. enable: Enable setting. disable: Disable setting. |
option | - |
malformed | Enable/disable malformed HTTP request check. enable: Enable setting. disable: Disable setting. |
option | - |
max-cookie | Maximum number of cookies in HTTP request. enable: Enable setting. disable: Disable setting. |
option | - |
max-header-line | Maximum number of HTTP header line. enable: Enable setting. disable: Disable setting. |
option | - |
max-url-param | Maximum number of parameters in URL. enable: Enable setting. disable: Disable setting. |
option | - |
max-range-segment | Maximum number of range segments in HTTP range line. enable: Enable setting. disable: Disable setting. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity medium: medium severity low: low severity |
option | - |
default-allowed-methods | Methods. get: HTTP GET method. post: HTTP POST method. put: HTTP PUT method. head: HTTP HEAD method. connect: HTTP CONNECT method. trace: HTTP TRACE method. options: HTTP OPTIONS method. delete: HTTP DELETE method. others: Other HTTP methods. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
pattern | URL pattern. | string | Maximum length: 511 |
regex | Enable/disable regular expression based pattern match. enable: Enable setting. disable: Disable setting. |
option | - |
address | Host address. | string | Maximum length: 79 |
allowed-methods | Allowed Methods. get: HTTP GET method. post: HTTP POST method. put: HTTP PUT method. head: HTTP HEAD method. connect: HTTP CONNECT method. trace: HTTP TRACE method. options: HTTP OPTIONS method. delete: HTTP DELETE method. others: Other HTTP methods. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
blocked-log | Enable/disable logging on blocked addresses. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
trusted-address <name> |
Trusted address. Address name. |
string | Maximum length: 79 |
blocked-address <name> |
Blocked address. Address name. |
string | Maximum length: 79 |
Parameter Name | Description | Type | Size |
---|---|---|---|
address | Host address. | string | Maximum length: 79 |
action | Action. bypass: Allow the HTTP request, also bypass further WAF scanning. permit: Allow the HTTP request, and continue further WAF scanning. block: Block HTTP request. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
srcaddr | Source address. | string | Maximum length: 79 |
pattern | URL pattern. | string | Maximum length: 511 |
regex | Enable/disable regular expression based pattern match. enable: Enable setting. disable: Disable setting. |
option | - |
negate | Enable/disable match negation. enable: Enable setting. disable: Disable setting. |
option | - |
config waf profile
Description: Web application firewall configuration.
edit <name>
set external [disable|enable]
set extended-log [enable|disable]
config signature
Description: WAF signatures.
config main-class
Description: Main signature class.
edit <id>
set status [enable|disable]
set action [allow|block|...]
set log [enable|disable]
set severity [high|medium|...]
next
end
set disabled-sub-class <id1>, <id2>, ...
set disabled-signature <id1>, <id2>, ...
set credit-card-detection-threshold {integer}
config custom-signature
Description: Custom signature.
edit <name>
set status [enable|disable]
set action [allow|block|...]
set log [enable|disable]
set severity [high|medium|...]
set direction [request|response]
set case-sensitivity [disable|enable]
set pattern {string}
set target {option1}, {option2}, ...
next
end
end
config constraint
Description: WAF HTTP protocol restrictions.
config header-length
Description: HTTP header length in request.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config content-length
Description: HTTP content length in request.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config param-length
Description: Maximum length of parameter in URL, HTTP POST request or HTTP body.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config line-length
Description: HTTP line length in request.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config url-param-length
Description: Maximum length of parameter in URL.
set status [enable|disable]
set length {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config version
Description: Enable/disable HTTP version check.
set status [enable|disable]
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config method
Description: Enable/disable HTTP method check.
set status [enable|disable]
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config hostname
Description: Enable/disable hostname check.
set status [enable|disable]
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config malformed
Description: Enable/disable malformed HTTP request check.
set status [enable|disable]
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config max-cookie
Description: Maximum number of cookies in HTTP request.
set status [enable|disable]
set max-cookie {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config max-header-line
Description: Maximum number of HTTP header line.
set status [enable|disable]
set max-header-line {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config max-url-param
Description: Maximum number of parameters in URL.
set status [enable|disable]
set max-url-param {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config max-range-segment
Description: Maximum number of range segments in HTTP range line.
set status [enable|disable]
set max-range-segment {integer}
set action [allow|block]
set log [enable|disable]
set severity [high|medium|...]
end
config exception
Description: HTTP constraint exception.
edit <id>
set pattern {string}
set regex [enable|disable]
set address {string}
set header-length [enable|disable]
set content-length [enable|disable]
set param-length [enable|disable]
set line-length [enable|disable]
set url-param-length [enable|disable]
set version [enable|disable]
set method [enable|disable]
set hostname [enable|disable]
set malformed [enable|disable]
set max-cookie [enable|disable]
set max-header-line [enable|disable]
set max-url-param [enable|disable]
set max-range-segment [enable|disable]
next
end
end
config method
Description: Method restriction.
set status [enable|disable]
set log [enable|disable]
set severity [high|medium|...]
set default-allowed-methods {option1}, {option2}, ...
config method-policy
Description: HTTP method policy.
edit <id>
set pattern {string}
set regex [enable|disable]
set address {string}
set allowed-methods {option1}, {option2}, ...
next
end
end
config address-list
Description: Black address list and white address list.
set status [enable|disable]
set blocked-log [enable|disable]
set severity [high|medium|...]
set trusted-address <name1>, <name2>, ...
set blocked-address <name1>, <name2>, ...
end
config url-access
Description: URL access list
edit <id>
set address {string}
set action [bypass|permit|...]
set log [enable|disable]
set severity [high|medium|...]
config access-pattern
Description: URL access pattern.
edit <id>
set srcaddr {string}
set pattern {string}
set regex [enable|disable]
set negate [enable|disable]
next
end
next
end
set comment {var-string}
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
external | Disable/Enable external HTTP Inspection. disable: Disable external inspection. enable: Enable external inspection. |
option | - |
extended-log | Enable/disable extended logging. enable: Enable setting. disable: Disable setting. |
option | - |
comment | Comment. | var-string | Maximum length: 1023 |
Parameter Name | Description | Type | Size |
---|---|---|---|
disabled-sub-class <id> |
Disabled signature subclasses. Signature subclass ID. |
integer | Minimum value: 0 Maximum value: 4294967295 |
disabled-signature <id> |
Disabled signatures Signature ID. |
integer | Minimum value: 0 Maximum value: 4294967295 |
credit-card-detection-threshold | The minimum number of Credit cards to detect violation. | integer | Minimum value: 0 Maximum value: 128 |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. erase: Erase credit card numbers. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. erase: Erase credit card numbers. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
direction | Traffic direction. request: Match HTTP request. response: Match HTTP response. |
option | - |
case-sensitivity | Case sensitivity in pattern. disable: Case insensitive in pattern. enable: Case sensitive in pattern. |
option | - |
pattern | Match pattern. | string | Maximum length: 511 |
target | Match HTTP target. arg: HTTP arguments. arg-name: Names of HTTP arguments. req-body: HTTP request body. req-cookie: HTTP request cookies. req-cookie-name: HTTP request cookie names. req-filename: HTTP request file name. req-header: HTTP request headers. req-header-name: HTTP request header names. req-raw-uri: Raw URI of HTTP request. req-uri: URI of HTTP request. resp-body: HTTP response body. resp-hdr: HTTP response headers. resp-status: HTTP response status. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Length of HTTP header in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Length of HTTP content in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Maximum length of parameter in URL, HTTP POST request or HTTP body in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Length of HTTP line in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
length | Maximum length of URL parameter in bytes (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity medium: medium severity low: low severity |
option | - |
default-allowed-methods | Methods. get: HTTP GET method. post: HTTP POST method. put: HTTP PUT method. head: HTTP HEAD method. connect: HTTP CONNECT method. trace: HTTP TRACE method. options: HTTP OPTIONS method. delete: HTTP DELETE method. others: Other HTTP methods. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
max-cookie | Maximum number of cookies in HTTP request (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
max-header-line | Maximum number HTTP header lines (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
max-url-param | Maximum number of parameters in URL (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
max-range-segment | Maximum number of range segments in HTTP range line (0 to 2147483647). | integer | Minimum value: 0 Maximum value: 2147483647 |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
pattern | URL pattern. | string | Maximum length: 511 |
regex | Enable/disable regular expression based pattern match. enable: Enable setting. disable: Disable setting. |
option | - |
address | Host address. | string | Maximum length: 79 |
header-length | HTTP header length in request. enable: Enable setting. disable: Disable setting. |
option | - |
content-length | HTTP content length in request. enable: Enable setting. disable: Disable setting. |
option | - |
param-length | Maximum length of parameter in URL, HTTP POST request or HTTP body. enable: Enable setting. disable: Disable setting. |
option | - |
line-length | HTTP line length in request. enable: Enable setting. disable: Disable setting. |
option | - |
url-param-length | Maximum length of parameter in URL. enable: Enable setting. disable: Disable setting. |
option | - |
version | Enable/disable HTTP version check. enable: Enable setting. disable: Disable setting. |
option | - |
method | Enable/disable HTTP method check. enable: Enable setting. disable: Disable setting. |
option | - |
hostname | Enable/disable hostname check. enable: Enable setting. disable: Disable setting. |
option | - |
malformed | Enable/disable malformed HTTP request check. enable: Enable setting. disable: Disable setting. |
option | - |
max-cookie | Maximum number of cookies in HTTP request. enable: Enable setting. disable: Disable setting. |
option | - |
max-header-line | Maximum number of HTTP header line. enable: Enable setting. disable: Disable setting. |
option | - |
max-url-param | Maximum number of parameters in URL. enable: Enable setting. disable: Disable setting. |
option | - |
max-range-segment | Maximum number of range segments in HTTP range line. enable: Enable setting. disable: Disable setting. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Enable/disable the constraint. enable: Enable setting. disable: Disable setting. |
option | - |
action | Action. allow: Allow. block: Block. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity medium: medium severity low: low severity |
option | - |
default-allowed-methods | Methods. get: HTTP GET method. post: HTTP POST method. put: HTTP PUT method. head: HTTP HEAD method. connect: HTTP CONNECT method. trace: HTTP TRACE method. options: HTTP OPTIONS method. delete: HTTP DELETE method. others: Other HTTP methods. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
pattern | URL pattern. | string | Maximum length: 511 |
regex | Enable/disable regular expression based pattern match. enable: Enable setting. disable: Disable setting. |
option | - |
address | Host address. | string | Maximum length: 79 |
allowed-methods | Allowed Methods. get: HTTP GET method. post: HTTP POST method. put: HTTP PUT method. head: HTTP HEAD method. connect: HTTP CONNECT method. trace: HTTP TRACE method. options: HTTP OPTIONS method. delete: HTTP DELETE method. others: Other HTTP methods. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
status | Status. enable: Enable setting. disable: Disable setting. |
option | - |
blocked-log | Enable/disable logging on blocked addresses. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
trusted-address <name> |
Trusted address. Address name. |
string | Maximum length: 79 |
blocked-address <name> |
Blocked address. Address name. |
string | Maximum length: 79 |
Parameter Name | Description | Type | Size |
---|---|---|---|
address | Host address. | string | Maximum length: 79 |
action | Action. bypass: Allow the HTTP request, also bypass further WAF scanning. permit: Allow the HTTP request, and continue further WAF scanning. block: Block HTTP request. |
option | - |
log | Enable/disable logging. enable: Enable setting. disable: Disable setting. |
option | - |
severity | Severity. high: High severity. medium: Medium severity. low: Low severity. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
srcaddr | Source address. | string | Maximum length: 79 |
pattern | URL pattern. | string | Maximum length: 511 |
regex | Enable/disable regular expression based pattern match. enable: Enable setting. disable: Disable setting. |
option | - |
negate | Enable/disable match negation. enable: Enable setting. disable: Disable setting. |
option | - |