WAF Minimize length rule

nicolas.chevallier · January 5, 2025, 5:24pm

personal site

WAF rule is limited to 4096 bytes, but it’s possible to reduce some rules

For example instead of writing
lower(http.user_agent) contains "badbot"
you can write
http.user_agent wildcard "*badbot*"
in order to save 10%

Off

fritex · January 5, 2025, 5:35pm

Savings are equal to only 5 characters.

Thank you for suggestion, someone would definitely use this example and others.

The best way is to combine WAF rules when possible and split across other security options available to us customers.

Comes from the new Ruleset engine, and very useful.

sdayman · January 5, 2025, 5:46pm

You’ve also removed lower. Does Wildcard make the check for badbot case-insensitive?

nicolas.chevallier · January 5, 2025, 7:13pm

sdayman · January 5, 2025, 7:14pm

Ooh, very nice!

system · January 20, 2025, 7:14pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Using wildcards in WAF Rules Website, Application, Performance	2	256	October 4, 2024
Is my WAF rule correct? Security	4	1157	March 31, 2023
Community Update - [Action required] Deprecation notice for WAF Managed Rules, Firewall Rules, and Rate Limiting Rules What's New CommunityUpdate , DocFeedback	55	6967	October 2, 2024
Is user agent field case-sensitive? General	11	3902	March 31, 2021
WAF rule with low and upper letters Security	23	954	September 10, 2023