WAF_Policy (object)¶
A Web Application Firewall Policy. Supports both traditional and advanced WAF policies. Advanced WAF policies require TMOS version 16.0 or newer.
Properties (* = required):
| name | type(s) | default | allowed values | description |
|---|---|---|---|---|
| class* | string | “WAF_Policy” | ||
| disabledSignatures | array | Disable various attack signatures by ID. Ignored on Advanced WAF policies | ||
| enforcementMode | string | “blocking”, “transparent” | Overrides the enforcement mode setting of the WAF policy. Ignored on Advanced WAF policies | |
| expand | array | Performs AS3 string expansion on specified values within the WAF Policy. WAF Policies that are not in JSON format will be ignored | ||
| file | string | The absolute file path for the ASM policy stored on the BIG-IP | ||
| ignoreChanges | boolean | false | true, false | If false (default), the system updates the policy in every BIG-IP AS3 declaration deployment. If true, BIG-IP AS3 creates the policy on first deployment, and leaves it untouched afterwards |
| label | string | “^[^x00-x1fx22#&*<>?x5b-x5d`x7f]*$” | Optional friendly name for this object. Allows 0-64 chars, excluding a few likely to cause trouble with string searching, JS, TCL, or HTML | |
| policy | Reference to a WAF Policy,String value optionally in base64 or from URL or BIG-IP AS3 pointer | |||
| remark | string | “^[^x00-x1fx22x5cx7f]*$” | Arbitrary (brief) text pertaining to this object. Allows 0-64 chars, excluding only control characters, double-quote, and backslash. This is permissive enough that you should worry about XSS attacks | |
| serverTechnologies | array | Define server technologies for the WAF Policy, such as Java Servlets or Apache Struts. Ignored on Advanced WAF policies | ||
| url | The URL to pull the ASM policy from,The URL for a required resource |