I’m a noob to the WAF world, but is there a way to turn on the WAF but not actually have it do anything? I know other products let you put them in “Learning mode” before completely flipping the switch. That way i can check logs and hopefully cut off any issues when we actually go live.
Not really learning mode, but you can set it to ‘simulate’. Events will be logged but not blocked.
perfect…thank you…i’ll look into how to get it into “simulate” mode
Go to Firewall - > Managed Rules -> OWASP ModSecurity Core Rule Set. There’s a drop down where you can select an action. Simulate, challenge or block.
I don’t have any managed rules setup or even have the WAF on…do i need to request the rule to be setup and then put in in “simulate”…then turn the WAF on?
Click this link
Select the domain and scroll half way down on that page.
This topic was automatically closed after 30 days. New replies are no longer allowed.