Creating an Argument Rule

This section discusses creation of an Argument Rule.
In the
New Argument Rule
screen, do the following.
  1. Click the
    Rule Enabled
    toggle button to enable or disable the rule. The Rule is enabled by default.
  2. Enter a
    Rule ID
    that is unique for this group.
  3. Enter the rule
    Name
    .
  4. Enter a
    Description
    for the rule.
  5. Select one of the following:
  6. Select a Paranoia mode. For more information, see What are the Paranoia Modes available in WAF? What are the considerations for choosing the mode? in FAQ section. This defines the Paranoia mode (set by the overall policy) in which this rule gets executed.
  7. Define the
    Match Elements
    as shown below:
    1. Enter the
      Value Max Length
      to define the maximum length of the match value.
    2. Select a
      Value
      to identify the expression that describes the expected value. This value can be a
      Pattern
      or
      String Group/Key
      . For more information on String Groups, see String Groups Support.
    3. Enable
      Arguments Case Sensitive
      , if required. This ensures that the match value has the same case as specified in the match value pattern.
  8. Click
    Add Match Element
    and define the match elements as shown below:
    1. In the field
      Name
      , select the variable collection. This is a dictionary of all parsed parts of the incoming request. If the match must happen on a POST argument, choose
      ARGS
      . The drop-down menu gives all available options.
    2. Select the criteria to match from the
      Criteria
      drop-down menu. Criteria is the method for locating Match Element. Equals indicates that the provided
      Sub Element
      must be equal to the corresponding request parameter.
      You can choose other methods. For example, the regular expression match interprets the
      Sub Element
      as a regular expression.
    3. Enter a
      Sub Element
      . This is the name of the element you are matching on. If the match should be on a parameter
      foo
      , enter
      foo
      in the
      Sub Element
      field.
    4. Select the
      Excluded
      check box, if you need to exclude the element mentioned under
      Name
      and
      Sub Element
      . This negates the match.
    5. Select
      Case Sensitive
      check box for a case-sensitive match.
  9. Click
    Save
    .