Set Protect rules

You can enable a Protect Rule on an application within the application's details page or from the Protect Rules tab in the Policy Management page.

Application page

Click on an application name in the Applications page grid, and go to the Policy tab to configure Protect Rules. Search for a rule by name or use the drop-down menu above the grid to filter for protect rules only.

For each rule, you can define one configuration per environment. Click the drop-down menu(s) in the grid row to set the status of the appropriate environment(s), and choose from the following options:

  • OFF disables the rule altogether.

  • MONITOR enables the agent to identify attacks and report them.

  • BLOCK enables the agent to identify attacks, report them and block the attack.

  • BLOCK AT PERIMETER BLOCK (P) allows the agent to make a blocking decision before the application is able to process the request. This option is not available for all rules.

Note

By enabling a different configuration per environment, you can test different policies in preproduction environments without disrupting production defenses.

To manage Protect Rules in bulk, check the box in the row for each rule that you want to edit, and then click the button to Change Mode. In the window that appears, select which environments to modify and which mode to apply, and then hit Save.

Across applications

Organization and Rules Administrators can also manage Protect Rules by going to user menu > Policy Management > Protect Rules. The grid displays how your Protect Rules are being applied across your portfolio. Use the search field to find a rule by name or use the drop-down menu to filter the rules by language.

Click on a rule to configure settings for all associated applications. Click the drop-down menu(s) in each grid row to set the status of the appropriate environment(s), as described in the previous section.