WAF Rule Exclusions
WAF rule exclusions provide a flexible way to handle false positives, allowing specific variables, rules, and the entire WAF to be excluded on a per request basis. You can configure up to 300 WAF exclusions and each exclusion of type rule can have up to 30 rules associated with it.
Data model
condition | string | A conditional expression in VCL used to determine if the condition is met. |
created_at | string | Date and time in ISO 8601 format. |
exclusion_type | string | The type of exclusion. |
logging | boolean | Whether to generate a log upon matching. |
name | string | Name of the exclusion. |
number | integer | A numeric ID identifying a WAF exclusion. |
updated_at | string | Date and time in ISO 8601 format. |
variable | string | The variable to exclude. An optional selector can be specified after the variable separated by a colon (:) to restrict the variable to a particular parameter. Required for exclusion_type=variable. |
Endpoints
Create a WAF rule exclusion
POST/waf/firewalls/firewall_id/versions/firewall_version_number/exclusions
Get a WAF rule exclusion
GET/waf/firewalls/firewall_id/versions/firewall_version_number/exclusions/exclusion_number