Working with signal exclusion rules

A signal exclusion rule prevents requests with a particular pattern from being tagged with a specific system signal. You can use signal exclusion rules to help avoid false positives. For example, you may want to prevent requests that are from internal IP addresses and that failed to access an admin page from being tagged with the FORCEFULBROWSING signal.

Limitations and considerations

Signal exclusion rules are limited to 1000 at the corp-level plus 1000 at the site-level and count against the total number of request rule limits for corps and sites.

Working with corp-level signal exclusion rules

Corp-level signal exclusion rules apply to one or more sites within your corp. You can manage your corp-level rules from the Corp Rules page.

Viewing corp-level signal exclusion rules

To view a corp-level signal exclusion rule, follow these steps:

  1. Log in to the Next-Gen WAF console.
  2. From the Corp Rules menu, select Corp Rules.
  3. Click Edit to the right of the rule that you want to view. The View page appears.

Creating corp-level signal exclusion rules

To create a corp-level signal exclusion rule, follow these steps:

  1. From the Corp Rules menu, select Corp Rules.

  2. Click Add corp rule.

    A corp-level signal exclusion rule designed to prevent POST requests originating from a list of known internal developer IP addresses from being tagged with the 'NO-CONTENT-TYPE signal

  3. In the Type section, select Signal exclusion.

  4. From the Signal menu, select the signal that you want to prevent from being assigned to requests that meet specific conditions.

  5. Fill out the fields in the Conditions section as follows:

    • From the Field menu, select the request field that the condition is based on.
    • In the Value field, enter a value for the specified field.
    • From the Operator menu, select an operator to specify how the selected field and value relate.
    • (Optional) Click Add condition to add another condition, or click Add group to create a group of conditions.
    • Select All to specify that a request must meet every condition to be excluded or Any to specify that a request must meet only one condition to be excluded.
  6. Fill out the fields in the Details section as follows:

    • Leave the Status switch enabled.
    • In the Description field, enter a description of the rule.
    • From the Scope menu, leave Global selected for the rule to apply to all your sites. If you want the rule to apply to specific sites, select Specific sites and then select the sites the rule should apply to.
  7. Click Create corp rule. The rule is created, and the Corp Rules page appears.

Editing corp-level signal exclusion rules

To edit a corp-level signal exclusion rule, follow these steps:

  1. From the Corp Rules menu, select Corp Rules.

  2. Click Edit to the right of the rule that you want to delete.

    A corp-level signal exclusion rule designed to prevent POST requests originating from a list of known internal developer IP addresses from being tagged with the 'NO-CONTENT-TYPE signal

  3. From the Signal menu, select the signal that you want to prevent from being assigned to requests that meet specific conditions.

  4. Fill out the fields in the Conditions section as follows:

    • From the Field menu, select the request field that the condition is based on.
    • In the Value field, enter a value for the specified field.
    • From the Operator menu, select an operator to specify how the selected field and value relate.
    • (Optional) Click Add condition to add another condition, or click Add group to create a group of conditions.
    • Select All to specify that a request must meet every condition to be excluded or Any to specify that a request must meet only one condition to be excluded.
  5. Fill out the fields in the Details section as follows:

    • Leave the Status switch enabled.
    • In the Description field, enter a description of the rule.
    • From the Scope menu, leave Global selected for the rule to apply to all your sites. If you want the rule to apply to specific sites, select Specific sites and then select the sites the rule should apply to.
  6. Click Update corp rule. The rule is updated, and the Corp Rules page appears.

Deleting corp-level signal exclusion rules

To delete a corp-level signal exclusion rule, follow these steps:

  1. From the Corp Rules menu, select Corp Rules.
  2. Click Edit to the right of the rule that you want to delete.
  3. Click Remove corp rule and then Delete corp rule. The rule is deleted, and the Corp Rules page appears.

Working with site-level signal exclusion rules

Site-level signal exclusion rules apply to only one site. You can manage your site-level rules from the Site Rules page.

Viewing site-level signal exclusion rules

To view a site-level signal exclusion rule, follow these steps:

  1. Log in to the Next-Gen WAF console.
  2. From the Sites menu, select a site if you have more than one site.
  3. From the Rules menu, select Site Rules.
  4. Click Edit to the right of the rule that you want to view. The View page appears.

Creating site-level signal exclusion rules

To create a site-level signal exclusion rule, follow these steps:

  1. From the Sites menu, select a site if you have more than one site.
  2. From the Rules menu, select Site Rules.

  3. Click Add site rule.

    A site-level signal exclusion rule designed to prevent POST requests originating from a list of known internal developer IP addresses from being tagged with the 'NO-CONTENT-TYPE signal

  4. In the Type section, select Signal exclusion.

  5. From the Signal menu, select the signal that you want to prevent from being assigned to requests that meet specific conditions.

  6. Fill out the fields in the Conditions section as follows:

    • From the Field menu, select the request field that the condition is based on.
    • In the Value field, enter a value for the specified field.
    • From the Operator menu, select an operator to specify how the selected field and value relate.
    • (Optional) Click Add condition to add another condition, or click Add group to create a group of conditions.
    • Select All to specify that a request must meet every condition to be excluded or Any to specify that a request must meet only one condition to be excluded.
  7. Fill out the fields in the Details section as follows:

    • Leave the Status switch enabled.
    • In the Description field, enter a description of the rule.
  8. Click Create site rule. The rule is created, and the Site Rules page appears.

Editing site-level signal exclusion rules

To edit a site-level signal exclusion rule, follow these steps:

  1. From the Sites menu, select a site if you have more than one site.
  2. From the Rules menu, select Site Rules.

  3. Click Edit to the right of the rule that you want to delete.

    A site-level signal exclusion rule designed to prevent POST requests originating from a list of known internal developer IP addresses from being tagged with the 'NO-CONTENT-TYPE signal

  4. From the Signal menu, select the signal that you want to prevent from being assigned to requests that meet specific conditions.

  5. Fill out the fields in the Conditions section as follows:

    • From the Field menu, select the request field that the condition is based on.
    • In the Value field, enter a value for the specified field.
    • From the Operator menu, select an operator to specify how the selected field and value relate.
    • (Optional) Click Add condition to add another condition, or click Add group to create a group of conditions.
    • Select All to specify that a request must meet every condition to be excluded or Any to specify that a request must meet only one condition to be excluded.
  6. Fill out the fields in the Details section as follows:

    • Leave the Status switch enabled.
    • In the Description field, enter a description of the rule.
  7. Click Update site rule. The rule is updated, and the Site Rules page appears.

Deleting site-level signal exclusion rules

To delete a site-level signal exclusion rule, follow these steps:

  1. From the Sites menu, select a site if you have more than one site.
  2. From the Rules menu, select Site Rules.
  3. Click Edit to the right of the rule that you want to delete.
  4. Click Remove site rule and then Delete site rule. The rule is deleted, and the Site Rules page appears.
Was this guide helpful?

Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.