Profile Management

This article explains the legacy version of WAF that will undergo end-of-life on June 30, 2021. Our new version of WAF expands upon all of the capabilities offered by WAF and Rate Limiting with a simplified and centralized setup. Please upgrade to the latest version of WAF at your earliest convenience.

Creating a Profile

This section provides step-by-step instructions on how to create a profile.

Templates are an easy way to apply a default configuration to a new profile.

Creating a profile will automatically add it to the Template option.

To create a profile

  1. From the Profile Manager page, click Add Profile.
  2. In the Name option, type the unique name by which this profile will be identified. This name should be sufficiently descriptive to identify it when setting up an instance.
  3. Verify that the Template option is set to a template that best reflects how your traffic should be screened. If unsure, set this option to the "Defend Basic Practices Profile Template."
  4. Click the Access Controls tab. Define the desired whitelists, accesslists, and blacklists.
  5. Click the Policies tab. In the Ruleset option, select the type and date for the rule set that may be used to monitor traffic for threats. The Choose Policies section will be refreshed to reflect the selected rule set.

    Automatically verify that your web applications are compatible with our latest threat detection policies by enabling the Automatically opt-in to the latest ECRS ruleset option. It is recommended that you enable this capability on a profile whose instance has been set to Alert Only. This type of setup provides you with the opportunity to minimize false positives before enforcing our latest threat detection policies on your production traffic.

  6. Set the Threshold option to a level (e.g., 15) that balances security with risk tolerance. Requests that are scored at or higher than the specified value will be identified as malicious traffic.

    If you selected the ECRS rule set in the previous step, then this option only applies to policies other than Custom EC Rules and policies that start with "Adv."

  7. ECRS Only: If you selected ECRS in step 5, then set the Paranoia Level option to a level (e.g., 1) that balances security with risk tolerance.

    This is an advanced setting. The recommended paranoia level is 1. Setting this option to a higher value will increase the number of false positives. A false positive is a legitimate request that was identified as malicious traffic by Web Application Firewall.

  8. Review all enabled policies and rules to ensure that the legitimate traffic is not targeted by mistake.
  9. Click Create Profile.

Learn how to set up a rule exception.

Modifying a Profile

Modifying an existing profile:

A common reason for updating a profile is to reduce false positives by adding a rule exception. A rule exception identifies one or more rules that should be ignored for a specific set of requests. Typically, rule exceptions are identified via analysis within the WAF Dashboard.

To modify a profile

  1. From the Profile Manager page, click on the desired profile.
  2. Make the desired changes to settings, access controls, and policies.
  3. Optional. Add one or more rule exceptions.

  4. Click Save.
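
The following is an added example, not code from the product, comparing two ways to clear a false positive found while an instance is set to Alert Only: raising the Threshold versus adding a rule exception. It assumes a request's score is the sum of the scores of the rules it matched; the rule IDs, scores, event fields, and the path-prefix scoping of the exception are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class RuleException:
    path_prefix: str       # assumed scoping: requests whose path starts with this
    rule_ids: frozenset    # rules to ignore for those requests

@dataclass
class Profile:
    threshold: int
    exceptions: list = field(default_factory=list)

def score(profile, event):
    """Sum the scores of matched rules, skipping rules excepted for this path."""
    ignored = set()
    for exc in profile.exceptions:
        if event["path"].startswith(exc.path_prefix):
            ignored |= exc.rule_ids
    return sum(s for rule, s in event["matched"].items() if rule not in ignored)

def is_malicious(profile, event):
    # A request scored at or higher than the threshold is flagged.
    return score(profile, event) >= profile.threshold

def review(profile, events):
    """Return (false positives, missed attacks) as lists of event ids."""
    fps = [e["id"] for e in events if e["legit"] and is_malicious(profile, e)]
    missed = [e["id"] for e in events if not e["legit"] and not is_malicious(profile, e)]
    return fps, missed

# Constructed Alert Only events; "legit" is the analyst's verdict after triage.
EVENTS = [
    {"id": "r1", "path": "/cms/save", "legit": True,
     "matched": {"R-HTML": 5, "R-SQLKW": 5, "R-LEN": 5}},
    {"id": "r2", "path": "/login", "legit": False,
     "matched": {"R-SQLKW": 5, "R-TAUT": 5, "R-COMMENT": 5}},
    {"id": "r3", "path": "/search", "legit": True, "matched": {"R-LEN": 5}},
    {"id": "r4", "path": "/cms/save", "legit": False,
     "matched": {"R-HTML": 5, "R-SQLKW": 5, "R-TAUT": 5, "R-COMMENT": 5}},
]

BASELINE = Profile(threshold=15)
RAISED = Profile(threshold=20)  # blunt fix: applies to every request
EXCEPTED = Profile(threshold=15,  # scoped fix: ignore R-HTML under /cms/ only
                   exceptions=[RuleException("/cms/", frozenset({"R-HTML"}))])

if __name__ == "__main__":
    for name, p in [("baseline", BASELINE), ("raised", RAISED), ("excepted", EXCEPTED)]:
        print(name, review(p, EVENTS))
```

With this sample, raising the threshold clears the false positive r1 but stops flagging r2, while the scoped exception clears r1 and still flags both r2 and r4.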

Deleting a Profile

A profile may be permanently deleted from the system.

Profiles associated with an instance may not be deleted. Please either modify the instance to point to a different profile or delete that instance.

To delete a profile

  1. From the Profile Manager page, click the desired profile.
  2. Click Delete Profile.
  3. Type "DELETE" and then click Delete.