Checking if your WAF is operating in blocking or learning mode
Azion services are constantly evolving and improving. If you are still using outdated configurations or if you need to change your WAF from blocking to learning mode (or vice versa) and can’t find where to do it, please read the following instructions.
The WAF behaviors that were previously executed and created inside Edge Application, are a module of Edge Firewall, therefore it is necessary that the migration of information for the WAF behaviors is migrated to the updated version.
How to migrate WAF settings
-
Log into the Real-Time Manager and under Edge Application, select the application you want and check the WAF settings on the Rules Engine tab;
Previously, the Edge Firewall and Web Application Firewall flags were found under Edge Application on the Main Settings tab. In the current version, these settings are available under Edge Firewall.
-
Copy the WAF settings you want;
-
From Real-Time Manager, go to Edge Firewall and click Add Rule set;
-
Give your Edge Firewall a name, select the Domain, enable the Network Layer Protection and Web Application Firewall flags;
-
Click Save to save your settings;
-
Click the Rules Engine tab (which will be displayed right after you save the previous configuration) and then click New Rule;
-
In Criteria, select Request URI and fill in the same settings that you copied from Edge Application/Rules Engine (item 2), that is the same logical operator and/or the same regular expression;
-
In Behavior, select Set WAF Rule Set, select the Rule Set you want, and choose Learning or Blocking mode.
Note: during migration both settings work at the same time. After 5 minutes, you can disable Edge Firewall and Web Application Firewall flags in Edge Application>Rules Engine, as they will already be saved as rules in Edge Firewall.
Didn’t find what you were looking for? Open a support ticket.