Set the action to perform when the calculated threat score is greater than the score threshold by creating a rule override for the last rule in the Cloudflare OWASP Core Ruleset (rule with ID 6179ae15870a4bb7b2d480d4843b323c), and including the action property. The OWASP Managed Ruleset supports the following configurations:Įnable all the rules up to a specific paranoia level by creating tag overrides that disable all the rules associated with higher paranoia levels. Configure the OWASP paranoia level, score threshold, and action
The following example deploys two managed rulesets to the zone with ID using Terraform, using a cloudflare_ruleset resource with two rules that execute the managed rulesets. Start from scratch by deleting existing rulesets (account and zone rulesets with "kind": "root" and "kind": "zone", respectively) and then defining your rulesets configuration in Terraform.Recent versions of the tool can generate resource definitions for existing rulesets and import their configuration to Terraform state. Import existing rulesets to Terraform using the cf-terraforming tool.If you already have rulesets configured in your account or zone, do one of the following: Terraform assumes that it has complete control over account and zone rulesets. The response will include the description and IDs of existing managed rulesets. To find the IDs of managed rulesets, use the List account rulesets API operation. The deployment of managed rulesets via Terraform requires that you use the ruleset IDs. To retrieve the list of zones you have access to, including their IDs, use the List zones API operation.
To retrieve the list of accounts you have access to, including their IDs, use the List accounts API operation.
The Terraform configurations provided in this page need the zone ID (or account ID) of the zone/account where you will deploy the managed rulesets. Before you start Obtain the necessary account, zone, and managed ruleset IDs For more information on deploying and configuring rulesets using the Rulesets API, refer to Work with managed rulesets in the Ruleset Engine documentation. Configure the OWASP paranoia level, score threshold, and actionįor more information on WAF Managed Rules, refer to WAF Managed Rules in the Cloudflare WAF documentation.This page provides examples of deploying and configuring WAF Managed Rules in your zone or account using Terraform.
0 kommentar(er)
