Create WAF Conditions

In this step, we will create 2 different conditions.

  1. Size constraint condition
  2. SQL injection condition

Size constraint condition

Step 1: Go to Size constraint conditions section, click Create condition

Step 2: Give the condition a name, like LargeBodyMatch

Step 3: In Filter settings, add a filter on:

  • Part of the request to filter on: body
  • Comparison operator: Greater than
  • Size (Bytes): 3000

Step 4: Click Add filter

Step 5: After the filter is added to the condition, click Create

cloud.vn

SQL Injection condition

Step 1: Go to SQL injection match conditions section, click Create condition

Step 2: Give the condition a name, like SQLinjectionMatch

Step 3: In the Filter settings, add 4 filters

Here, we want to add multiple rules to inspect multiple aspects of the request: request body, request URI and query strings

No Parts of the request Transformation
1 Body None
2 Body URL decode
3 URI URL decode
4 Query string URL decode

cloud.vn

Step 4: Click Create

Step 5: Click Next to advance to the Create Rules page