Hi CF Team,
Is there any way to set the default mode for new WAF rules that CloudFlare implements?
Recently a WAF rule was added by CloudFlare (D0003) to protect from a new Drupal 0-day that that had recently been announced. We had instances where users were blocked from one of our sites when submitting post data that started with a #.
Before we had enabled the WAF globally we had put all rules into simulate mode so we could evaluate any blocks that would have occurred with Enterprise Log Share and make application changes accordingly. However, this rule was pushed out with the default behaviour of BLOCK, thus the problem.
Can a customer override these defaults so we can enable/simulate the WAF rule prior to go-live?
Thanks in advance.