Hello Max,
I can speak to the Bot Mitigation portion of your query. Once you log into the Advanced Bot Protection portion of the management console, then you can see the specific conditions that are bound to Directives in the Policies you have. For example, the default policy that is bound to your web site will have the block directive. By default the block directive will contain a condition such as "Invalid token". Below is a screenshot of this rule. This condition contains the specific criteria for the condition to evaluate as true.
The documentation in the following link contains information on the specific syntax for writing rules as well as descriptions for the available properties you may use when crafting a rule.
https://console.imperva.com/botmanagement/ui/help/conditionPlease note that you may only access this link after logging into the Advanced Bot Protection portion of the UI. Let me know if this helps and have a great day!
------------------------------
Brooks Cunningham
------------------------------
Original Message:
Sent: 11-04-2020 11:09
From: Max X
Subject: View Built-In Rules in Cloud WAF
Thank you, I am closely familiar with Cloud WAF documentation and the references above. So the question remains. Please advise.
------------------------------
Max X
Original Message:
Sent: 11-04-2020 07:48
From: Christopher Detzel
Subject: View Built-In Rules in Cloud WAF
@Max X,
Thanks for the post. I'm asking @Abhishek Gupta to see if he can help more with the question, but in the meantime, take a look below at some things that could help.
- @Kunal Anand hosted a webinar around Five Real-World Cloud WAF Rules - Community Webinar that I think you would find helpful.
Additional resources that was mentioned in this webinar are from Imperva's documentation site.
------------------------------
Christopher Detzel
Community Manager
Imperva
Original Message:
Sent: 11-03-2020 13:34
From: Max X
Subject: View Built-In Rules in Cloud WAF
Hi,
Is there a way to view/edit built-in rules for Cloud WAF?
For example, how do I know what Imperva currently has in stock and what I may need to compensate for using custom rules? Or can I tweak built-in SQLi or Bot detection in a way that fits my requirements better? And there are other reasons/usecases as well.
Thank you.
#AdvancedBotProtection
#CloudWAF(formerlyIncapsula)
#DDoSProtectionforWebsites
------------------------------
Max X
------------------------------