Merge pull request #216886 from vhorne/waf-ag-custom

add http request method values

Author: prmerger-automator[bot]

articles/web-application-firewall/ag/custom-waf-rules-overview.md

@@ -5,7 +5,7 @@ services: web-application-firewall
 ms.topic: article
 author: vhorne
 ms.service: web-application-firewall
-ms.date: 04/20/2022
+ms.date: 11/02/2022
 ms.author: victorh 
 ms.custom: devx-track-azurepowershell
 ---
@@ -104,7 +104,7 @@ Currently, must be **MatchRule**.
 Must be one of the variables:
 
 - RemoteAddr – IPv4 Address/Range of the remote computer connection
-- RequestMethod – HTTP Request method (GET, POST, PUT, DELETE, and so on.)
+- RequestMethod – HTTP Request method
 - QueryString – Variable in the URI
 - PostArgs – Arguments sent in the POST body. Custom Rules using this match variable are only applied if the 'Content-Type' header is set to 'application/x-www-form-urlencoded' and 'multipart/form-data'. Additional content type of  `application/json` is supported with CRS version 3.2 or greater, bot protection rule set, and geo-match custom rules. 
 - RequestUri – URI of the request
@@ -122,7 +122,7 @@ Must be one of the following operators:
 
 - IPMatch - only used when Match Variable is *RemoteAddr,* and only supports IPv4
 - Equal – input is the same as the MatchValue
-- Any – It should not have a MatchValue. It is recommended for Match Variable with a valid Selector.
+- Any – It shouldn't have a MatchValue. It's recommended for Match Variable with a valid Selector.
 - Contains
 - LessThan
 - GreaterThan
@@ -152,13 +152,22 @@ A list of strings with names of transformations to do before the match is attemp
 
 List of values to match against, which can be thought of as being *OR*'ed. For example, it could be IP addresses or other strings. The value format depends on the previous operator.
 
+Supported HTTP request method values include:
+- GET
+- HEAD
+- POST
+- OPTIONS
+- PUT
+- DELETE
+- PATCH
+
 ### Action [required]
 
 In WAF policy detection mode, if a custom rule is triggered, the action is always logged regardless of the action value set on the custom rule.
 
-- Allow – Authorizes the transaction, skipping all other rules. The specified request is added to the allow list and once matched, the request stops further evaluation and is sent to the backend pool. Rules that are on the allow list aren't evaluated for any further custom rules or managed rules.
+- Allow – Authorizes the transaction, skipping all other rules. The specified request is added to the allowlist and once matched, the request stops further evaluation and is sent to the backend pool. Rules that are on the allowlist aren't evaluated for any further custom rules or managed rules.
 - Block - Blocks or logs the transaction based on SecDefaultAction (detection/prevention mode).
-   - Prevention mode - Blocks the transaction based on SecDefaultAction. Just like the Allow action, once the request is evaluated and added to the block list, evaluation is stopped and the request is blocked. Any request after that meets the same conditions won't be evaluated and will just be blocked.
+   - Prevention mode - Blocks the transaction based on SecDefaultAction. Just like the Allow action, once the request is evaluated and added to the blocklist, evaluation is stopped and the request is blocked. Any request after that meets the same conditions won't be evaluated and will just be blocked.
    - Detection mode - Logs the transaction based on SecDefaultAction after which evaluation is stopped. Any request after that meets the same conditions won't be evaluated and will just be logged.
 - Log – Lets the rule write to the log, but lets the rest of the rules run for evaluation. The other custom rules are evaluated in order of priority, followed by the managed rules.