# Set Protect rules

Protect rules monitor applications for attacks. If you have RulesAdmin permissions and Protect is enabled, you can set these rules.

To set rules:

1. Select Applications in the header, then select an application name > Policy > Protect.

2. To filter the policies to just see Protect rules, select Protect rules from the filtering menu above the policy results. You can also enter a Protect rule by name in the search field.

3. For each rule, you can turn Protect on and set the mode it uses in different environments. Select the drop-down menu for each environment to set how you want Protect to either block or monitor attacks. Choose one of these modes:

• Off: This disables the rule altogether.

• Monitor: The agent will identify and report attacks.

• Block: The agent will identify, report and block attacks.

### Warning

If an attack matches a rule, and that rule is set to "Block" mode, the AttackBlockedException is thrown.

To keep your application from crashing, make sure it's configured to catch the AttackBlockedException.

• Block at perimeter: The agent will block a possible attack before the application can process it. This option is not available for all rules.

• Monitor at perimeter: The agent will attempt to identify and report a possible attack before the application can process it. This option is not available for all rules.

### Note

If you block or monitor at the perimeter, the agent doesn't verify the attack at the sink. This may lead to more false positive results.

### Tip

You can test policies by setting a different mode for a Protect rule in each environment. This lets you see how various options work in pre-production and won't disrupt production defenses.

4. To apply the same settings to multiple rules, select the checkbox for each rule you want to change. You can also use the Rule checkbox to select all rules. Select Change mode. In the window that appears, set the Protect mode for each environment you want to change. Select Save to complete the action.

5. You can also set Protect rules for each environment across applications. To do this, go to user menu > Policy management > Protect rules.

Use the drop-down menu to filter the rules by language or the search field to find a rule by name. Select a rule name to manage settings for all applications that currently use the rule. Use the drop-down menus to set the Protect mode for each environment.