Imperva Cyber Community

Expand all | Collapse all

View Built-In Rules in Cloud WAF

  • 1.  View Built-In Rules in Cloud WAF

    Posted 28 days ago
    Hi,

    Is there a way to view/edit built-in rules for Cloud WAF?

    For example, how do I know what Imperva currently has in stock and what I may need to compensate for using custom rules? Or can I tweak built-in SQLi or Bot detection in a way that fits my requirements better? And there are other reasons/usecases as well.

    Thank you.
    #AdvancedBotProtection
    #CloudWAF(formerlyIncapsula)
    #DDoSProtectionforWebsites

    ------------------------------
    Max X
    ------------------------------


  • 2.  RE: View Built-In Rules in Cloud WAF

    Community Manager
    Posted 27 days ago
    @Max X

    Thanks for the post. I'm asking @Abhishek Gupta to see if he can help more with the question, but in the meantime, take a look below at some things that could help.

      1. ​​@Kunal Anand hosted a webinar around Five Real-World Cloud WAF Rules - Community Webinar that I think you would find helpful.

      Additional resources that was mentioned in this webinar are from Imperva's documentation site. 



      ------------------------------
      Christopher Detzel
      Community Manager
      Imperva
      ------------------------------



    1. 3.  RE: View Built-In Rules in Cloud WAF

      Posted 27 days ago
      Thank you, I am closely familiar with Cloud WAF documentation and the references above. So the question remains. Please advise.

      ------------------------------
      Max X
      ------------------------------



    2. 4.  RE: View Built-In Rules in Cloud WAF

      Imperva Employee
      Posted 27 days ago
      Hello Max,

      I can speak to the Bot Mitigation portion of your query. Once you log into the Advanced Bot Protection portion of the management console, then you can see the specific conditions that are bound to Directives in the Policies you have. For example, the default policy that is bound to your web site will have the block directive. By default the block directive will contain a condition such as "Invalid token". Below is a screenshot of this rule. This condition contains the specific criteria for the condition to evaluate as true.


      The documentation in the following link contains information on the specific syntax for writing rules as well as descriptions for the available properties you may use when crafting a rule.

      https://console.imperva.com/botmanagement/ui/help/condition

      Please note that you may only access this link after logging into the Advanced Bot Protection portion of the UI. Let me know if this helps and have a great day!


      ------------------------------
      Brooks Cunningham
      ------------------------------



    3. 5.  RE: View Built-In Rules in Cloud WAF

      Posted 27 days ago
      Thank you Brooks. Does ABP list built-in rules or only custom ones? And what about basic Bot Mitigation in case I don't have ABP subscription - can I view/edit built-in rules there?

      ------------------------------
      Max X
      ------------------------------



    4. 6.  RE: View Built-In Rules in Cloud WAF

      Imperva Employee
      Posted 27 days ago
      The link to the documentation that I shared previously will contain information on the properties for built-in conditions as well as custom conditions. For the basic Bot Mitigation, I did not see the ability to modify the built-in rules or look at the specific mechanics for how the rules work.

      ------------------------------
      Brooks Cunningham
      ------------------------------