CloudFlare WAF "Default Mode"

waf

#1

Hi CF Team,

Is there any way to set the default mode for new WAF rules that CloudFlare implements?

Recently a WAF rule was added by CloudFlare (D0003) to protect from a new Drupal 0-day that that had recently been announced. We had instances where users were blocked from one of our sites when submitting post data that started with a #.
Before we had enabled the WAF globally we had put all rules into simulate mode so we could evaluate any blocks that would have occurred with Enterprise Log Share and make application changes accordingly. However, this rule was pushed out with the default behaviour of BLOCK, thus the problem.

Can a customer override these defaults so we can enable/simulate the WAF rule prior to go-live?

Thanks in advance.


#2

Hi CF Team - Any word on if this is possible?

Thanks.


#3

Definitely something we are are talking to the WAF team about.


#4

Thanks a lot - we really want to begin using WAF on more of our sites, but we are conscious of inadvertent blocks due to a “default on” rule.


#5

This topic was automatically closed after 14 days. New replies are no longer allowed.