---
title: "OWASP ruleset"
date: "2026-04-30T07:46:44+00:00"
summary:
image:
type: "page"
url: "/acquia-cloud-platform/add-ons/edge-standard/owasp-ruleset-0"
id: "d1e3b20a-eaa5-4f20-b4fe-a7d8a954cdfb"
---

Acquia Edge Standard includes preset Web Application Firewall (WAF) rulesets designed to mitigate common threats such as the Open Web Application Security Project (OWASP) Top 10. The OWASP ruleset is enabled by default and provides a foundational layer of security against common web-based vulnerabilities.

You can review and deactivate specific OWASP rule groups if needed. However, deactivating protections is not recommended because it can leave your application vulnerable.

**Open the OWASP ruleset**

1.  In the Edge console, navigate to **Security**.
2.  Select **Rule configuration**.
3.  Select **WAF Rulesets**.
4.  Select the **OWASP ruleset** tab.
5.  The page displays a summary of the ruleset, the number of active rules, and a table of OWASP rule groups.

**OWASP protections included**

The OWASP ruleset includes rule groups for the following types of threats:

*   **SQL Injection (SQL-INJECTION-ANOMALY)**: Detects SQL injection (SQLi) attempts and suspicious database queries intended to steal or manipulate data.
*   **Cross-Site Scripting (XSS-ANOMALY)**: Identifies cross-site scripting (XSS) attempts that inject scripts into other users' browser sessions.
*   **Remote File Inclusion (RFI-ANOMALY)**: Prevents attempts to force the application to include and execute external malicious files.
*   **Local File Inclusion (LFI-ANOMALY)**: Blocks attempts to access restricted files stored locally.
*   **Command Injection (CMD-INJECTION-ANOMALY)**: Detects attempts to execute unauthorized system commands.
*   **Protocol Attack (PROTOCOL-ANOMALY)**: Detects protocol-level attack patterns and malformed requests.
*   **Web Application Attack (WAT-ANOMALY)**: Detects general web application attack patterns and suspicious traffic behavior.
*   **Security Policy Violation (POLICY-ANOMALY)**: Flags non-compliant access attempts and security policy violations.
*   **Network Protocol Violations**: Detects network protocol violations and malformed request patterns.

**Understand the OWASP ruleset table**

The OWASP ruleset table lists each OWASP rule group and includes:

*   **Rule name**: The OWASP rule group.
*   **Description**: What the rule group is designed to detect or block.
*   **Toggle**: Enables or deactivates the rule group.
*   **Rule documentation**: Opens provider documentation for additional technical detail.

**Enable or deactivate OWASP rule groups**

By default, all OWASP rule groups are enabled. You can deactivate individual rule groups if you have a confirmed false positive or a specific operational requirement.

**Important**: Deactivating OWASP protections reduces your security coverage and can leave your application vulnerable. Only deactivate a rule group after you confirm that it is blocking legitimate traffic and you understand the security impact.

**Verify rule activity in Security Metrics**

After you enable or deactivate OWASP rule groups, review the Security Metrics dashboard to confirm that the change has the intended effect, for example, reduced false positives while maintaining protection.
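
The false-positive check and the before-and-after comparison described above can also be scripted against exported WAF events. The following is an added example, not Acquia code: the event field names, paths, and client addresses are constructed assumptions and do not represent the Edge export format. Only the rule group names come from this page.

```python
from collections import Counter

# Constructed sample of blocked requests. Field names are assumptions for this
# example, not the Edge export format; rule group names are those on this page.
BEFORE = [
    {"rule_group": "XSS-ANOMALY", "path": "/node/12/edit", "client": "203.0.113.5"},
    {"rule_group": "XSS-ANOMALY", "path": "/node/40/edit", "client": "203.0.113.5"},
    {"rule_group": "XSS-ANOMALY", "path": "/search", "client": "198.51.100.7"},
    {"rule_group": "SQL-INJECTION-ANOMALY", "path": "/search", "client": "198.51.100.7"},
    {"rule_group": "LFI-ANOMALY", "path": "/download", "client": "198.51.100.9"},
]
AFTER = [  # constructed: blocks seen after XSS-ANOMALY was deactivated
    {"rule_group": "SQL-INJECTION-ANOMALY", "path": "/search", "client": "198.51.100.7"},
    {"rule_group": "LFI-ANOMALY", "path": "/download", "client": "198.51.100.9"},
]


def assess_group(events, group, legit_prefixes):
    """Split one rule group's blocks into suspected false positives (paths the
    team has confirmed carry legitimate traffic) and everything else."""
    hits = [e for e in events if e["rule_group"] == group]
    fp = [e for e in hits if e["path"].startswith(tuple(legit_prefixes))]
    return {
        "total": len(hits),
        "suspected_false_positives": len(fp),
        # Blocks on these paths also stop once the whole group is deactivated.
        "coverage_lost": sorted({e["path"] for e in hits} - {e["path"] for e in fp}),
    }


def verify_change(before, after, deactivated):
    """Compare per-group block counts across the change window."""
    b = Counter(e["rule_group"] for e in before)
    a = Counter(e["rule_group"] for e in after)
    return {
        "deactivated_group_silent": a[deactivated] == 0,
        # Groups that fired before and went quiet without being deactivated;
        # this can be normal traffic variation, but it is worth a look.
        "unexpectedly_silent": sorted(g for g in b if g != deactivated and a[g] == 0),
    }


if __name__ == "__main__":
    print(assess_group(BEFORE, "XSS-ANOMALY", ["/node/"]))
    print(verify_change(BEFORE, AFTER, "XSS-ANOMALY"))
```

A non-empty `coverage_lost` list shows which blocked requests the rule group was stopping outside the confirmed false-positive paths, which is the security impact to weigh before deactivating it.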