Fixing the waf_security_rule.html.markdown documentation (#580)

Author: Pavel-Koev

website/docs/r/waf_security_rule.html.markdown

@@ -41,7 +41,7 @@ resource "incapsula_waf_security_rule" "example-waf-ddos-rule" {
 The following arguments are supported:
 
 * `site_id` - (Required) Numeric identifier of the site to operate on.
-* `rule_id` - (Required) The identifier of the WAF rule, e.g api.threats.cross_site_scripting.
+* `rule_id` - (Required) The identifier of the WAF rule, e.g api.threats.cross_site_scripting. Possible values: `api.threats.bot_access_control`, `api.threats.sql_injection`, `api.threats.cross_site_scripting`, `api.threats.backdoor`, `api.threats.ddos`, `api.threats.remote_file_inclusion`.
 * `security_rule_action` - (Optional) The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. See above examples for `rule_id` and `action` combinations.
 * `activation_mode` - (Optional) The mode of activation for ddos on a site. Possible values: api.threats.ddos.activation_mode.off, api.threats.ddos.activation_mode.auto, api.threats.ddos.activation_mode.on, api.threats.ddos.activation_mode.adaptive.
 * `ddos_traffic_threshold` - (Optional) Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.