Original Message:
Sent: 02-16-2023 12:05
From: Jaired Anderson
Subject: Flexing with IncapRules
Did you know 🤔 IncapRules can be scheduled? 🕑
For example, the scheduler can be used to redirect requests to a backup site during a scheduled maintenance window to avoid downtime.
The rule is triggered when requests arrive during the specified times and match all other conditions of the rule filter.
For syntax, please see: https://docs.imperva.com/bundle/cloud-application-security/page/rules/scheduler.htm
------------------------------
Jaired Anderson
Imperva
Original Message:
Sent: 08-05-2022 12:22
From: Jaired Anderson
Subject: Flexing with IncapRules
Use Case: Enrich headers with Geolocation data.
Rule Filter: Leave this blank
Rule Action: Rewrite Request Header
Header Name: X-Loc
Note: You can enter your own name for the header. X-Loc is an example. This will be the name of the custom header appended that contains the location data.
Add new if missing: Check this box
From: Leave this field blank
To: $latitude$longitude
Rule Name: Give the rule a name. Ex: Add lat long
Click Save.
The CWAF will now pass along the latitude and longitude of the client in a custom header. These coordinates can also be logged by your web servers.
------------------------------
JairedAnderson
Imperva
Original Message:
Sent: 06-21-2022 10:50
From: Jaired Anderson
Subject: Flexing with IncapRules
Use Case: Retrieve content from a 3rd party or location while masking the Origin. When a client accesses www.example.com/PathHere the content will be retrieved from destination.example.org/PathHere
Your Site: www.example.com
3rd Party: destination.example.org
You must have the load balancing module to define data centers.
This can be accomplished using forward and rewrite rules.
Define destination.example.org as a Data Center and check the box to Support only forward rules.
Create a new Forward rule with the following filter criteria:
URL == "/PathHere"
Adjust the match criteria as desired. For example, the statement above is a strict match ( == ) on "/PathHere" and will not match "/PathHere/".
For the Rule Action, select Forward to Data Center and select the destination.example.org Data Center.
Give the rule a name and click Save.
Imperva Cloud will now Forward all requests for www.example.com/PathHere (client facing) to destination.example.org/PathHere. (backend) and retrieve the content. The clients address bar will display www.example.com/PathHere.
Please note however that a Rewrite rule is also typically required in conjunction with a Forward rule. This is because the Origin Data Center usually won't respond because the original Host header is sent. Additionally, the SSL handshake can fail with the Origin server if the Host names do not match.
Create a Rewrite matching the same path as the Forward rule.
URL == "/PathHere"
For the Rule Action, select Rewrite Header.
For the Header Name, enter Host
Leave the From empty and in the To enter destination.example.org
Enter a name for the rule and click Save.
Reply to this thread to share your IncapRules with the community!
Helpful Links
IncapRule Syntax Guide
https://docs.imperva.com/bundle/cloud-application-security/page/rules/rule-syntax.htm
Simplified Redirect Rules
https://docs.imperva.com/bundle/cloud-application-security/page/rules/simplified-redirect.htm
Scheduler Syntax
https://docs.imperva.com/bundle/cloud-application-security/page/rules/scheduler.htm
Variable$ Galore!
https://docs.imperva.com/bundle/cloud-application-security/page/rules/create-rule.htm
Custom Rate Rules
https://docs.imperva.com/bundle/cloud-application-security/page/rules/rates.htm
#CloudWAF(formerlyIncapsula)
WARNING: Please follow your organization's change control procedures, and always test rules before adding to production