---
title: "Rule Configuration"
date: "2026-05-12T06:43:38+00:00"
summary:
image:
type: "page"
url: "/acquia-cloud-platform/add-ons/edge-standard/rule-configuration"
id: "55c3c679-5bb4-4f80-bf34-0c82e77bebc8"
---

Use this page to review how incoming requests are evaluated and handled by Acquia Edge Standard. Each section corresponds to a control type in the Edge console under **Security > Rule Configuration.**

****Rule types:****

*   ****WAF Rulesets****: Pre-configured rulesets maintained by Acquia that protect against common and emerging threats. These include the Acquia Managed Ruleset and the Open Web Application Security Project (OWASP) Ruleset. These rulesets are active by default.
    
*   ****Custom WAF Rule****: Application-specific match logic with Alert, Block, Challenge, and CAPTCHA response actions.
    
*   ****IP Access Control****: Allow or block traffic by IP address or CIDR range. This feature is evaluated before other security features.
    
*   ****Rate Limiting****: Restrict request volume from individual clients. Clients that exceed the threshold are blocked and placed in a 10-minute penalty box.