How to add an owasp rule in a specific cname record

Answer these questions to help the Community help you with Security questions.

What is the domain name?
tecnisa.com.br

Have you searched for an answer?
Yes

Please share your search results url:
I didn´t find any results.

When you tested your domain, what were the results?
The owasp rules was added in all records.

Describe the issue you are having:
I have many records under my website like homologacliente.tecnisa.com.br and I want to add a owasp rule in this record. Is it possible?

What error message or number are you receiving?
No errors

What steps have you taken to resolve the issue?

Was the site working with SSL prior to adding it to Cloudflare?
Yes

What are the steps to reproduce the error:

Have you tried from another browser and/or incognito mode?

Please attach a screenshot of the error:

Edit the Rule Set, then edit its scope to only include the hostname you want covered by the rule set.
https://developers.cloudflare.com/waf/managed-rules/deploy-zone-dashboard/#specify-a-custom-expression-for-the-ruleset

1 Like

Right, but I need to add diferent rules to diferents hosts like this. blablabla.tecnisa.com.br has a Method is not allowed by policy rule, but xpto.tecnisa.com.br, doesn´t. Is it possible do this?

I believe so. On the Managed Rules tab, click Add Exemption. From there you can add your hostname, and select the specific rules you want it excluded from. You can do that for each hostname and exemption needed.

https://developers.cloudflare.com/waf/managed-rules/waf-exceptions/define-dashboard/

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.