Step 3: Activating an Instance

WAF will not secure site traffic until an instance has been activated via HTTP Rules Engine. An instance may be activated by adding the Web Application Firewall feature within a rule and then selecting the desired instance. All requests that match the criteria defined by that rule will be secured by WAF.

To activate an instance

1. Navigate to the Rules Engine page for the desired HTTP-based platform.
2. In the Name / Description option, type a name that describes the rule being created.
3. Directly below that option, define the type of requests that will be secured by selecting and configuring a match option.
   • Consider securing all requests by setting this option to "Always."
4. Click the icon that appears next to the Features label.
5. Select the "Web Application Firewall" feature.
6. In the Instance option, select the instance created earlier in this walkthrough. The rule should look similar to the following illustration.
   
7. Click Add.

Note: It may take up to four hours for a rule to be approved. After which, it may take up to 1 additional hour for the rule to be fully propagated across our entire network.

More Information

Getting Started with Web Application Firewall

• Step 1: Creating a Profile
• Step 2: Creating an Instance
• Step 3: Activating an Instance
• Step 4: Monitoring Threats