Phases

The Web Application Firewall provides the following phases where you can create rulesets and rules:

http_request_firewall_custom
http_ratelimit
http_request_firewall_managed

These phases exist both at the account level and at the zone level. Considering the available phases and the two different levels, rules will be evaluated in the following order:

Old dashboard
New dashboard

Security feature	Scope	Phase	Ruleset kind	Location in the dashboard
Custom rulesets	Account	`http_request_firewall_custom`	`custom` (create) `root` (deploy)	Go to WAF > Custom rulesets tab
Custom rules	Zone	`http_request_firewall_custom`	`zone`	Your zone > Security > WAF > Custom rules tab
Rate limiting rulesets	Account	`http_ratelimit`	`root`	Go to WAF > Rate limiting rulesets tab
Rate limiting rules	Zone	`http_ratelimit`	`zone`	Your zone > Security > WAF > Rate limiting rules tab
Managed rulesets	Account	`http_request_firewall_managed`	`root`	Go to WAF > Managed rulesets tab
Managed rules	Zone	`http_request_firewall_managed`	`zone`	Your zone > Security > WAF > Managed rules tab

Security feature	Scope	Phase	Ruleset kind	Location in the dashboard
Custom rulesets	Account	`http_request_firewall_custom`	`custom` (create) `root` (deploy)	Go to WAF > Custom rulesets tab
Custom rules	Zone	`http_request_firewall_custom`	`zone`	Your zone > Security > Security rules
Rate limiting rulesets	Account	`http_ratelimit`	`root`	Go to WAF > Rate limiting rulesets tab
Rate limiting rules	Zone	`http_ratelimit`	`zone`	Your zone > Security > Security rules
Managed rulesets	Account	`http_request_firewall_managed`	`root`	Go to WAF > Managed rulesets tab
Managed rules	Zone	`http_request_firewall_managed`	`zone`	Your zone > Security > Security rules

To learn more about phases, refer to Phases in the Ruleset Engine documentation.

Was this helpful?

Community
X
Discord
YouTube
GitHub