INTEGER, can be read and set, but not unset.


Deprecated. Available inpassmissdeliverlog

The total score accumulated by triggering scoring rules in the SQL Injection category during WAF processing.

Each scoring rule in the appropriate category that is matched by the current request will increment this variable by the value associated with the rule.

In the waf_debug_log subroutine, the value of this variable will reflect the total score accumulated so far, and not the score associated with any individual rule.

Try it out

waf.sql_injection_score is used in the following code examples. Examples apply VCL to real-world use cases and can be deployed as they are, or adapted for your own service. See the full list of code examples for more inspiration.

Click RUN on a sample below to provision a Fastly service, execute the code on Fastly, and see how the function behaves.

Add custom WAF rules

The web application firewall has thousands of rules built in, but you can augment these with your own.