Page rule for OWASP

pagerules

#1

Can we please have a page rule to disable only OWASP part of WAF?

Better yet: Can we have a feature to create customized named OWASP rule sets and then the ability to pick one of these through page rules?

Usage scenarios: We have certain URIs in multiple domains that does either federated authentication or AS2 EDI communication which both trigger a number of OWASP rules. For these pages only I’d like to disable OWASP rules entirely or have a custom OWASP rule set.


#2

Hopefully some more people will realize this is a must-have and upvote this ASAP. Cloudflare support informed me it is a frequently requested feature but I couldn’t find it here in the community.