
Edge Security Acceleration: Custom rules

Last Updated: May 13, 2025

Custom rules allow you to control user access to resources on your website. To create a custom rule for your website, specify the match conditions and an action such as block or monitor.

Create a custom rule

  1. In the ESA console, choose Websites and click the name of the website you want to manage.

  2. In the left-side navigation pane, choose Security > WAF.

  3. On the Custom Rules tab, click Create Rule.

    • On the page that appears, specify Rule Name.

    • Specify the conditions for matching incoming requests in the If requests match... section. For more information about custom rules, see Work with rules.

    • Specify the actions you want to perform in the Then execute... section.

  4. Click OK.

Actions

  • Block: When a request matches a rule, it is blocked and a response page indicating the action is sent back to the requesting client. You can also configure a custom error page.

  • Monitor: Requests that match the rule are not blocked but are logged instead. You can review these logs to assess the rule's effectiveness and to ensure that legitimate requests are not blocked. This mode is helpful for testing newly implemented rules. Once you have confirmed that the rule does not cause false positives, you can switch it to Block mode.

    Note

    Simple Log Service must be activated to query logs.

  • JavaScript Challenge: WAF issues a JavaScript code snippet to the client, which a standard browser can execute automatically. Once the client successfully runs the JavaScript, WAF permits all subsequent requests from that client for a set duration (default is 30 minutes) without the need for further authentication. Otherwise, WAF blocks the requests.

  • Slider CAPTCHA: WAF returns pages used for slider CAPTCHA verification to the client. If the client passes strict slider CAPTCHA verification, WAF allows the request. Otherwise, WAF blocks the request.

Configuration example

  • Protection scenario: Security Analytics or Event Analytics detected that a client whose IP address is 193.xx.xx.xx initiated an abnormal request to the host named dns.example.com.

  • Configuration example of a custom rule:

    • Rule expression: Hostname equals dns.example.com and IP Source Address equals 193.xx.xx.xx.

    • Action: Select Block and use Default Block Page.

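The following is an added example, not part of the ESA documentation or product: an offline dry run of the rule expression above over exported request logs, showing which requests the rule matches and which it leaves untouched because only one of the two conditions holds. The log field names, the sample records, the case-insensitive hostname comparison, and the address 192.0.2.10 (standing in for the redacted 193.xx.xx.xx) are assumptions.

```python
from collections import Counter
from ipaddress import ip_address

# Constructed stand-in: the page redacts the client address (193.xx.xx.xx),
# so a documentation-range address is used instead.
RULE_HOST = "dns.example.com"
RULE_IP = ip_address("192.0.2.10")

# Constructed records; field names are assumptions, not the ESA log schema.
SAMPLE_LOGS = [
    {"host": "dns.example.com", "client_ip": "192.0.2.10", "path": "/query", "status": 200},
    {"host": "DNS.Example.com", "client_ip": "192.0.2.10", "path": "/query", "status": 200},
    {"host": "dns.example.com", "client_ip": "192.0.2.11", "path": "/query", "status": 200},
    {"host": "www.example.com", "client_ip": "192.0.2.10", "path": "/login", "status": 200},
    {"host": "dns.example.com", "client_ip": "192.0.2.10", "path": "/health", "status": 204},
    {"host": "dns.example.com", "client_ip": "not-an-ip", "path": "/", "status": 400},
]

def conditions(record):
    """Return (host_matches, ip_matches) for one log record."""
    # Assumption: hostnames compare case-insensitively, as DNS names do.
    host_ok = record["host"].lower() == RULE_HOST
    try:
        ip_ok = ip_address(record["client_ip"]) == RULE_IP
    except ValueError:
        ip_ok = False  # a malformed address can never equal the rule value
    return host_ok, ip_ok

def dry_run(logs):
    """Summarise what the rule would match if it ran in Monitor mode."""
    matched, host_only, ip_only = [], 0, 0
    for rec in logs:
        host_ok, ip_ok = conditions(rec)
        if host_ok and ip_ok:
            matched.append(rec)
        elif host_ok:
            host_only += 1
        elif ip_ok:
            ip_only += 1
    return {
        "matched": len(matched),
        "matched_paths": Counter(r["path"] for r in matched),
        "host_only": host_only,  # other clients on the same host: untouched
        "ip_only": ip_only,      # same client on other hosts: untouched
    }

if __name__ == "__main__":
    print(dry_run(SAMPLE_LOGS))
```

The matched_paths breakdown is what to review before switching the rule from Monitor to Block: any path in it that serves legitimate traffic from that client would be a false positive.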

Availability

| Item | Entrance | Pro | Premium | Enterprise |
| --- | --- | --- | --- | --- |
| Number of custom rules | 3 | 20 | 100 | 100 |