Creating an Argument Rule
This section discusses creation of an Argument Rule.
In the
New Argument Rule
screen, do the following:- Click theRule Enabledtoggle button to enable or disable the rule. The Rule is enabled by default.
- Enter a Rule ID that is unique for this group.
- Enter the ruleName.
- Enter aDescriptionfor the rule.
- Select one of the following:
- Use Policy Mode.
- Detection.
- Enforcement.For more information on choosing a mode, see Selecting a WAF Policy Mode.
- Select a Paranoia Mode. For more information, see Selecting a Paranoia mode. This defines in which Paranoia mode (set by the overall policy) this rule gets executed.
- Define theMatch Elementsas shown below:
- Enter theValue Max Lengthto define the maximum length of the match value.
- Enter aMatch Value Patternto identify the expression which describes the expected value. This value can be a string group or custom string. To know more about string groups, see String Groups Support.
- EnableArguments Case Sensitive, if required. This ensures that the match value has the same case as specified in the match value pattern.
- ClickAdd Match Elementand define the match elements as shown below:
- In the fieldName, select the variable collection. This is a dictionary of all parsed parts of the incoming request. If the match must happen on a POST argument, choose ARGS. The drop-down menu gives all available options.
- Enter aSub Element. This is the name of the element you are matching on. If the match should be on a parameter foo, then enter foo into the Sub Element field.
- Select theExcludedcheck box, if you need to exclude the element mentioned underNameandSub Element. This negates the match. SelectCase Sensitivecheck box for a case-sensitive match.
- Select the criteria to match from theCriteriadrop-down menu.Criteriais the method for locatingMatch Element.Equalsindicates that the providedSub Elementmust be equal to the corresponding request parameter.You can choose other methods. For example, the regular expression match interprets theSub Elementas a regular expression.
- ClickSave.