Edge Standard
Custom WAF rule
Use Custom WAF rules to handle traffic based on your specific needs. Each rule evaluates incoming requests against attributes such as country, IP address, header, method, or path and then takes a Block or Alert action for selected domains.
You can create up to 10 custom WAF rules.
A custom WAF rule includes the following:
Rule name
Rule logic – Attribute, criteria, and value
Rule response action – Block or Alert, plus priority
Scope – Domains and (optionally) domain paths
In the Edge console, go to Security > Rule configuration > Custom WAF rule.
Select Create custom rule.
In Set rule name, enter a descriptive Name for the rule.
Example: Block admin access from non-US countries.
Define how the rule identifies matching requests.
In Attribute, select the request attribute to evaluate. Common options include:
ASN
Country
Header
IP address
Method
Query string
In Criteria, select how the attribute should be matched. Available options depend on the attribute, for example:
equals
You can combine different attributes and criteria by creating multiple custom rules.
In Response action, choose how the rule handles matching requests:
Block – Stops the request from reaching your site.
Alert – Allows the request but logs it for review in Security Metrics.
In Rule priority, select where this rule sits relative to other custom rules, such as First, Last, or a specific position in the list. Higher‑priority rules are evaluated first.
Tip: Start new rules in Alert mode and review their impact in Security Metrics before switching to Block.
In Domains, choose where the rule applies:
All domains, or
A specific set of domains from the list.
(Optional) In Domain path, enter one or more paths (comma‑separated) to further narrow where the rule applies.
Example: /login, /admin
When domain paths are set, the rule applies only to requests that match both:
the selected domains, and
one of the specified paths.
The rule is deployed to the edge and begins evaluating requests shortly after you save.
In the Edge console, go to Security > Rule configuration > Custom WAF rule.
In the row for the rule you want to change, select Actions > Edit rule.
Update any of the following:
Name
Attribute, Criteria, or Value
Response action (Block or Alert)
Rule priority
Domains and Domain path
Changes deploy to the edge after you save. Use Security Metrics to confirm that the updated rule behaves as expected.
In the Edge console, go to Security > Rule configuration > Custom WAF rule.
In the row for the rule you want to remove, select Actions > Delete rule.
Confirm that you want to delete the rule.
Once deleted, the rule no longer evaluates or blocks traffic. If you still need similar protection, create a replacement rule with the updated logic.
contains
range
wildcard
In Value, enter the value to match. Examples:
Country: US
IP address: 203.0.113.10
Header: User-Agent contains curl
Path (via query string or header, depending on attribute): /admin
Review the configuration summary.
Select Create rule.
Select Update rule.
If this content did not answer your questions, try searching or contacting our support team for further assistance.
contains
range
wildcard
In Value, enter the value to match. Examples:
Country: US
IP address: 203.0.113.10
Header: User-Agent contains curl
Path (via query string or header, depending on attribute): /admin
Review the configuration summary.
Select Create rule.
Select Update rule.
If this content did not answer your questions, try searching or contacting our support team for further assistance.
Edge Standard