WAF Rule Set

An AngkasaIO Web Application Firewall (AIOWAF) Rule Set is a collection of security rules that define how a Web Application Firewall (WAF) identifies and blocks threats. These rules help protect web applications from cyberattacks by filtering and analyzing incoming HTTP/HTTPS requests.

Updating AngkasaIO Rule Set

Follow these steps to configure AngkasaIO WAF Core Rule Set using the AngkasaIO WAF configuration panel.

1. Browse to your AngkasaIO Space (your dedicated environment).

2. Navigate to WAF and select WAF instance that you want to configure.

   

3. Locate and navigate to the WAF Rules section under Firewall. This section allows you to specify WAF Operation Mode 1 and enable/disable any rules from AngkasaIO WAF Core Rule Set 2.

   

4. There are 3 types of Operation Mode, including:

   • Disabled: Turns off AngkasaIO WAF Rule Set, allowing all traffic without inspection.
     Best scenario for this operation mode

     • Debugging and performance testing.
     • Temporarily disabling WAF when investigating false positives.
   • Passive Mode: Logs and monitors traffic but does not block any requests.
     Best scenario for this operation mode

     • Analyzing attack patterns before applying strict security policies.
     • Testing WAF rules in a non-intrusive manner.
   • Active Mode: Actively blocks requests that violate selected AngkasaIO WAF rules.
     Best scenario for this operation mode

     • Live websites and applications requiring strong security.
     • Preventing attacks before they reach the origin server.
   

5. Click the Save button to apply your changes.
   

6. Your WAF is now configured with desired AngkasaIO WAF Rules.

NOTE

This guide ensures your origin server is properly set up within AngkasaIO WAF for secure and optimized traffic routing. 🚀