Adding a Web Application Firewall Action
Add an action to a web application firewall (WAF) policy.
Using the Console
- On the Policies page, select the compartment that contains the policy.
- (Optional) Filter the listed policies by name, status, policy type (WAF policy), or creation date.
- Click the name of the WAF policy to which you want to add an action.
- On the policy details page, under Policy, click Actions.
- Click Manage actions.
- In the Manage actions dialog box, click Add action.
-
In the Add action dialog box, complete the options as follows:
-
Action name: Enter a name for the action.
-
Action type: Specify the action type:
- Allow: Skips all remaining rules in the current module.
- Check: Doesn't stop the running of rules. Instead it generates a log message that documents the result of running the rules.
- Return HTTP response: Returns a defined HTTP response.
If you select this type, then provide the following values:
-
Response code: Select the HTTP response.
-
Headers: Enter optional header information:
-
Header name: Enter the name of the header.
Header value: Enter the associated value of the header.
Click + Another header to display another header row where you can enter a header name and value pair. Click X to delete the associated header row.
-
Response page body: Provides details about an error, including the cause and further instructions, if needed.
Enter the HTTP response body, for example a JSON error response:{"code":"403","message":"Forbidden"}
You can enable Dynamic text support to add variables in the page body. The following variable is supported:
RequestID
The request ID can help you with tracking and managing a request by providing a unique request identifier exposed in HTTP request and response headers.
When the request ID is enabled, the default header name X-Request-Id is included in the HTTP request header from the load balancer to the backend and HTTP header responses.
The following example provides an HTTP response body with dynamic text support enabled:
{"code":"403","message":"Forbidden","RequestId":"${http.request.id}"}
-
- Click Add action.
- In the Manage actions dialog box, click Save changes.