Can I disable WAF for a specific user agent or a specific header value (for bug bounty hunters)


There’s is a technique to enable WAF and set exceptions to bypass it for somes users ?

The only possibility I can think of is in Firewall Rules to create an Allow rule for those User Agents. You can explore other Firewall Rule options for various headers such as Cookies.

Again, this is only if a Firewall Rule that Allows actually bypasses the WAF. I’m not sure if it does.

This topic was automatically closed after 30 days. New replies are no longer allowed.