Updated on 2024-07-22 GMT+08:00

Why Is the Handle False Alarm Button Grayed Out?

Verify that you have the permissions for WAF. For details, see WAF Permissions Management.

If you have enabled Enterprise Project, select an enterprise project and handle false alarms in the project.

  • For events generated based on custom rules (such as a CC attack protection rule, precise protection rule, blacklist rule, whitelist rule, or geolocation access control rule), they cannot be handled as false alarms. To ignore such an event, delete or disable the custom rule hit by the event.
  • If either of the following numbers in an access request exceeds 512, WAF will block the request as an invalid request and gray out the Handle False Alarm button.
    • When form-data is used for POST or PUT requests, the number of parameters in a form exceeds 8,192.
    • The URL contains more than 2,048 parameters.
    • The number of headers exceeds 512.
    Figure 1 Normal requests blocked by WAF as invalid requests

    To handle an invalid request, refer to Why Does WAF Block Normal Requests as Invalid Requests?