Why did Managed Ruleset upgrade also port *some* of my custom WAF rules?

We’re an Enterprise customer, I went through the first part of these instructions to upgrade us. We’re in the in-between stage, old and new both enabled, to compare the differences.

We also have 15 “Custom Rules” on the custom rules tab (I migrated the Terraform resources for these yesterday). After getting to this halfway point on Managed Rules, I noticed that SIX of our Custom Rules are now also listed under Managed Rules with the prefix “Rule migrated from Firewall Rules: …” and then some details about the rule, with some unique ids included.

What’s going on here, and what’s going to happen when I conclude the Managed Rules update?

Hi there,

In the new managed ruleset, exceptions can be created under the managed rules themselves, to skip only a given managed ruleset or even more specifically a rule/signature inside each ruleset.

The exceptions you’re seeing when upgrading, are old WAF custom rules that where bypassing old managed rules and are themselves being upgraded to the new managed rules.

Take care.

Ah! Ok, that makes sense. Thx!

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.