The Acquia Managed ruleset provides pre-configured WAF rules maintained by Acquia. Use these rules to help protect your domains from common and emerging threats. Review the included rules and deactivate individual rules if needed.
Open the Acquia Managed Ruleset
- In the Edge console, go to Security.
- Select Rule configuration > WAF rulesets.
- Select Acquia Managed Ruleset.
The page displays a description of the ruleset, the number of active rules, and a table of rule names and descriptions.
Rules included in the ruleset
The Acquia managed ruleset includes the following protections:
- Autodiscover: Blocks traffic to Microsoft Autodiscover endpoints.
- Chrome – Older Versions: Targets traffic from older versions of Chrome.
- Drupal Paths: Blocks specific paths and query strings commonly targeted on Drupal sites.
- Microsoft ActiveSync: Blocks requests to the Microsoft ActiveSync URL.
- Microsoft Office: Blocks POST requests with a User-Agent of Microsoft Office.
- Microsoft Skype Business: Blocks POST requests with a User-Agent of Skype for Business.
- User Agents: Blocks requests based on predefined user agents.
- Wordpress: Blocks various paths associated with WordPress.
Deactivate or re-activate a rule
- Navigate to Security > Rule configuration > WAF Rulesets.
- Locate the specific rule in the Acquia Managed ruleset tab.
- Toggle the rule control to deactivate or re-activate the rule.
- Select Save.
Confirm changes
To apply updates, use the confirmation dialog box to verify the change. Select Confirm to proceed.
Reset to default
To restore the ruleset to the default recommended state, select Reset to default. Confirm the reset when prompted.
Unsaved changes behavior
To navigate away with unsaved changes prompts a dialog box. Select to Save and continue or Discard changes.
Verify in security metrics
After you enable or change rules, use Security Metrics to review WAF activity. Ensure the ruleset has the intended impact on blocked and alerted traffic trends.
Acquia Managed WAF Ruleset
The Acquia Managed ruleset provides pre-configured WAF rules maintained by Acquia. Use these rules to help protect your domains from common and emerging threats. Review the included rules and deactivate individual rules if needed.
Open the Acquia Managed Ruleset
- In the Edge console, go to Security.
- Select Rule configuration > WAF rulesets.
- Select Acquia Managed Ruleset.
The page displays a description of the ruleset, the number of active rules, and a table of rule names and descriptions.
Rules included in the ruleset
The Acquia managed ruleset includes the following protections:
- Autodiscover: Blocks traffic to Microsoft Autodiscover endpoints.
- Chrome – Older Versions: Targets traffic from older versions of Chrome.
- Drupal Paths: Blocks specific paths and query strings commonly targeted on Drupal sites.
- Microsoft ActiveSync: Blocks requests to the Microsoft ActiveSync URL.
- Microsoft Office: Blocks POST requests with a User-Agent of Microsoft Office.
- Microsoft Skype Business: Blocks POST requests with a User-Agent of Skype for Business.
- User Agents: Blocks requests based on predefined user agents.
- Wordpress: Blocks various paths associated with WordPress.
Deactivate or re-activate a rule
- Navigate to Security > Rule configuration > WAF Rulesets.
- Locate the specific rule in the Acquia Managed ruleset tab.
- Toggle the rule control to deactivate or re-activate the rule.
- Select Save.
Confirm changes
To apply updates, use the confirmation dialog box to verify the change. Select Confirm to proceed.
Reset to default
To restore the ruleset to the default recommended state, select Reset to default. Confirm the reset when prompted.
Unsaved changes behavior
To navigate away with unsaved changes prompts a dialog box. Select to Save and continue or Discard changes.
Verify in security metrics
After you enable or change rules, use Security Metrics to review WAF activity. Ensure the ruleset has the intended impact on blocked and alerted traffic trends.
Edge Standard