Imperva Cyber Community

communities_1.jpg
 View Only

  • 1.  View Built-In Rules in Cloud WAF

     
    Posted 11-03-2020 16:37
    Hi,

    Is there a way to view/edit built-in rules for Cloud WAF?

    For example, how do I know what Imperva currently has in stock and what I may need to compensate for using custom rules? Or can I tweak built-in SQLi or Bot detection in a way that fits my requirements better? And there are other reasons/usecases as well.

    Thank you.
    #AdvancedBotProtection
    #CloudWAF(formerlyIncapsula)
    #DDoSProtectionforWebsites

    ------------------------------
    Max X
    ------------------------------


  • 2.  RE: View Built-In Rules in Cloud WAF

    Posted 11-04-2020 07:48
    Edited by Christopher Detzel 11-04-2020 10:21
    @Max X

    Thanks for the post. I'm asking @Abhishek Gupta to see if he can help more with the question, but in the meantime, take a look below at some things that could help.

      1. ​​@Kunal Anand hosted a webinar around Five Real-World Cloud WAF Rules - Community Webinar that I think you would find helpful.

      Additional resources that was mentioned in this webinar are from Imperva's documentation site. 



      ------------------------------
      Christopher Detzel
      Community Manager
      Imperva
      ------------------------------

      Original Message


    1. 3.  RE: View Built-In Rules in Cloud WAF

       
      Posted 11-04-2020 11:09
      Thank you, I am closely familiar with Cloud WAF documentation and the references above. So the question remains. Please advise.

      ------------------------------
      Max X
      ------------------------------

      Original Message


    2. 4.  RE: View Built-In Rules in Cloud WAF

      Posted 11-04-2020 13:09
      Hello Max,

      I can speak to the Bot Mitigation portion of your query. Once you log into the Advanced Bot Protection portion of the management console, then you can see the specific conditions that are bound to Directives in the Policies you have. For example, the default policy that is bound to your web site will have the block directive. By default the block directive will contain a condition such as "Invalid token". Below is a screenshot of this rule. This condition contains the specific criteria for the condition to evaluate as true.


      The documentation in the following link contains information on the specific syntax for writing rules as well as descriptions for the available properties you may use when crafting a rule.

      https://console.imperva.com/botmanagement/ui/help/condition

      Please note that you may only access this link after logging into the Advanced Bot Protection portion of the UI. Let me know if this helps and have a great day!


      ------------------------------
      Brooks Cunningham
      ------------------------------

      Original Message


    3. 5.  RE: View Built-In Rules in Cloud WAF

       
      Posted 11-04-2020 13:54
      Thank you Brooks. Does ABP list built-in rules or only custom ones? And what about basic Bot Mitigation in case I don't have ABP subscription - can I view/edit built-in rules there?

      ------------------------------
      Max X
      ------------------------------

      Original Message


    4. 6.  RE: View Built-In Rules in Cloud WAF

      Posted 11-04-2020 16:34
      The link to the documentation that I shared previously will contain information on the properties for built-in conditions as well as custom conditions. For the basic Bot Mitigation, I did not see the ability to modify the built-in rules or look at the specific mechanics for how the rules work.

      ------------------------------
      Brooks Cunningham
      ------------------------------

      Original Message