Add history + possibly comment box to WAF rules

Hey there,

At our company we often use WAF rules when mitigating attacks or scrapers.
They generally work well but they can negatively impact real traffic if too broad so we like to go back and disable or refine once an attack is over. There are a couple issues with this:

  1. Description of the WAF rule is limited to the title - engineers often put fairly complex matching logic in response to some traffic they see and it is hard to understand the why just from a short title - it would be great if comments could be added to supply reasoning behind a given rule

  2. History is not viewable (as far as I am aware) - engineers will often edit an existing rule and add logic but later on it becomes impossible to determine what was added when and why making it much more difficult to decide if it is reasonable to turn off or refine the rule.

I think both these features would be very helpful but if I had to pick one it would be history. Thanks for reading!

Hi @brian.beckerle

  1. Great idea.
  2. You should be able to see changes in your Audit Logs if you look for Rulesets update. Remember to toggle on User Level Activity.

Thanks for point me to the audit logs and ruleset updates! I was unaware you could find that there! Will strike out 2 as a request then.