Which Protection Rules Are Included in the System-Generated Policy?
When you add a website to WAF, you can select an existing policy you have created or the system-generated policy. For details, see Table 1.
If you are using WAF standard edition, only System-generated policy can be selected.
You can also tailor your protection rules after the domain name is connected to WAF.
Edition |
Policy |
Description |
---|---|---|
Standard edition |
Basic web protection (Log only mode and common checks) |
The basic web protection defends against attacks such as SQL injections, XSS, remote overflow vulnerabilities, file inclusions, Bash vulnerabilities, remote command execution, directory traversal, sensitive file access, and command/code injections. |
Professional and platinum editions |
Basic web protection (Log only mode and common checks) |
The basic web protection defends against attacks such as SQL injections, XSS, remote overflow vulnerabilities, file inclusions, Bash vulnerabilities, remote command execution, directory traversal, sensitive file access, and command/code injections. |
Anti-crawler (Log only mode and Scanner feature) |
WAF only logs web scanning tasks, such as vulnerability scanning and virus scanning, such as crawling behavior of OpenVAS and Nmap. |
Log only: WAF only logs detected attack events instead of blocking them.
Others FAQs
- In Which Situations Will the WAF Policies Fail?
- Can I Export or Back Up the WAF Configuration?
- How Do I Allow Requests from Only IP Addresses in a Specified Geographical Region?
- What Working Modes and Protection Mechanisms Does WAF Have?
- What Types of Protection Rules Does WAF Support?
- Which of the WAF Protection Rules Support the Log-Only Protective Action?
- How Do I Allow Only Specified IP Addresses to Access Protected Websites?
- Which Protection Rules Are Included in the System-Generated Policy?
- Why Does the Page Fail to Be Refreshed After WTP Is Enabled?
- What Are the Differences Between Blacklist/Whitelist Rules and Precise Protection Rules on Blocking Access Requests from Specified IP Addresses?
- What Do I Do If a Scanner, such as AppScan, Detects that the Cookie Is Missing Secure or HttpOnly?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
more