Combining AND/OR custom rules with WAF

Is it possible to combine AND and OR with brackets? The custom rule below saves, but is it valid?
I’m looking to reject referrers to a certain API endpoint unless they are in a list of referrers.

(http.request.uri.path contains "/api/js") and ((http.referer ne "https://domain1.com") or (http.referer ne "https://domain2.com"))

So the above will block the /api/js endpoint when it’s not being referred from either (domain1 or domain2).

Yes, this is possible. That being said, I believe the second part of your rule would always resolve to true since the referrer would always not equal to one of the two domains you have listed.

Here are some docs on using rule expressions.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.