WAF rule set update for 2017-11-13 (legacy)
As of July 13, 2020, Fastly's original WAF offering became a legacy product. It will continue to be supported for all existing users. As alternatives, Signal Sciences Cloud WAF or Signal Sciences Next-Gen WAF both offer proactive monitoring of and protection against suspicious and anomalous web traffic directed at your applications and origin servers. Each can be controlled via the web interface dashboard or application programming interface (API). Contact email@example.com or your Fastly account team to evaluate or move to the Signal Sciences WAF options.
The following information describes the updates and changes to the rule set.
Type of Change
- Global update to OWASP 3.0.2 CRS release
- Update Trustwave rules to latest available
- Introduce new Fastly internal rule 10040 to block any HTTP POST body greater than 2 kibibytes in size.
Affected Rule Sets
- Fastly Rules