Disabling WAF on a certain page using page rule

Hello,

I would like to know if there is anything wrong in my page rule.

I want to disable the Web Application Firewall on a certain page in the content management system because I am using a rich-text editor and firewall keeps prompting the challenge page because it thinks that some kind of code is being injected in the payload because it contains HTML tags (Such as bold, italic, etc…).

I created the below page rules, but the WAF is still showing the challenge page:

Page Rule Settings:
Disable Web Application Firewall

URL:
https://example.com/backend/addarticle*
https://*example.com/backend/addarticle*

I tried re-ordering the page rules but still, I get the same results.

I don’t really wish to disable security on the whole backend because it contains the login page. Any suggestions on how to get this done or if there is anything wrong in my matching URLs?

That should work - do you still see a WAF rule trigger event under firewall events?

Yes, it shows in the firewall events.

Rule ID 981176

I just tried the below alternative to see if it works:

example.com/backend/addarticle*

(Removed the leading https://)

Check if the URL in the firewall event matches what you are setting up.

1 Like

Yes, sure it matches. Example:

example.com/backend/addarticle?href=add

The (*) is supposed to be a wildcard here

Note: After I removed the https:// from the URL (Few hours ago), no logs have been recorded yet (Hopefully it worked). I’ll monitor for 24 hours and check.

[UPDATE]
The logs are still being recorded. The page rule is not working!

[SOLUTION]
Page rules work from top to bottom and there was another page rule active on the same URL. I had to either combine both page rules in one or re-order the WAF page rule and place it on top.

This topic was automatically closed after 30 days. New replies are no longer allowed.