Skip to content

Commit f232b53

Browse files
vhornevhorne
committed
acrofixes
1 parent fd2ee94 commit f232b53

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

articles/web-application-firewall/ag/custom-waf-rules-overview.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -122,7 +122,7 @@ Must be one of the following operators:
122122

123123
- IPMatch - only used when Match Variable is *RemoteAddr,* and only supports IPv4
124124
- Equal – input is the same as the MatchValue
125-
- Any – It should not have a MatchValue. It is recommended for Match Variable with a valid Selector.
125+
- Any – It shouldn't have a MatchValue. It's recommended for Match Variable with a valid Selector.
126126
- Contains
127127
- LessThan
128128
- GreaterThan
@@ -165,9 +165,9 @@ Supported HTTP request method values include:
165165

166166
In WAF policy detection mode, if a custom rule is triggered, the action is always logged regardless of the action value set on the custom rule.
167167

168-
- Allow – Authorizes the transaction, skipping all other rules. The specified request is added to the allow list and once matched, the request stops further evaluation and is sent to the backend pool. Rules that are on the allow list aren't evaluated for any further custom rules or managed rules.
168+
- Allow – Authorizes the transaction, skipping all other rules. The specified request is added to the allowlist and once matched, the request stops further evaluation and is sent to the backend pool. Rules that are on the allowlist aren't evaluated for any further custom rules or managed rules.
169169
- Block - Blocks or logs the transaction based on SecDefaultAction (detection/prevention mode).
170-
- Prevention mode - Blocks the transaction based on SecDefaultAction. Just like the Allow action, once the request is evaluated and added to the block list, evaluation is stopped and the request is blocked. Any request after that meets the same conditions won't be evaluated and will just be blocked.
170+
- Prevention mode - Blocks the transaction based on SecDefaultAction. Just like the Allow action, once the request is evaluated and added to the blocklist, evaluation is stopped and the request is blocked. Any request after that meets the same conditions won't be evaluated and will just be blocked.
171171
- Detection mode - Logs the transaction based on SecDefaultAction after which evaluation is stopped. Any request after that meets the same conditions won't be evaluated and will just be logged.
172172
- Log – Lets the rule write to the log, but lets the rest of the rules run for evaluation. The other custom rules are evaluated in order of priority, followed by the managed rules.
173173

0 commit comments

Comments
 (0)