The In-App WAF is a powerful protection. It lets you write your own rules to block attacks that are specific to your applications. Yet, writing custom rules can be daunting. You need to find the right heuristic to block attacks while avoiding false positives.
Today, we are introducing improvements to make editing rules easier and safer!
Editing rules made easy
When editing a rule, you will now see a sample request on the side. It shows what a typical HTTP request would look like, with headers, parameters, etc. You can use this request to pick the fields and values you want to block with your rule. Blocking unwanted user agents is now one click away!

Of course, you can edit the sample request to make it more realistic compared to your actual traffic. But what would be more realistic than your actual traffic? To use an actual request, go to Security Activity, pick a request, and select "Create custom In-App WAF rule from this request".

This will let you create a new rule based on this exact request.
If you prefer choosing the fields you want to target yourself, we also made the list more organized with the most used fields at the top.

Deploy new rules with confidence
Today, we're also making it possible to test your rules before running them on real traffic.
Any rule can now run against the sample request (which you can customize) while you edit it. You can test a single condition, or the entire rule. This provides a shorter feedback loop that lets you know if your rule is effective or not.

If you have any questions or feedback, we'd love to hear about it. Let us know via the chat button or send us an email at feedback@sqreen.com