How to: Disable one signature and enable another in a user-defined URL

In this example, we disable the detection of a specific signature, 200010093 and enable another one, 200010008, both in a user-defined URL /Common/user_defined_URL. These signature settings take effect only in requests to that URL. In other requests, the signature behavior is determined by the signature sets these signatures belong to. See Attack Signatures for more details.

{
    "policy": {
        "name": "user_defined_URL",
        "template": {
            "name": "POLICY_TEMPLATE_RAPID_DEPLOYMENT"
        },
        "applicationLanguage": "utf-8",
        "enforcementMode": "blocking",
        "blocking-settings": {
            "violations": [
                {
                    "name": "VIOL_URL",
                    "alarm": true,
                    "block": true
                }
            ]
        },
        "urls": [
            {
                "method": "*",
                "name": "/test*",
                "protocol": "http",
                "type": "wildcard",
                "wildcardOrder": 1,
                "attackSignaturesCheck": true,
                "signatureOverrides": [
                    {
                        "enabled": true,
                        "signatureId": 200010008
                    },
                    {
                        "enabled": false,
                        "signatureId": 200010093
                    }
                ]
            }
        ]
    }
}