Forum Discussion

riccardofusari's avatar
riccardofusari
Copper Contributor
Oct 10, 2024

WAF custom rule for bock others cookie and permit only a specific cookie name and value

Hello all,

 

I need to create a custom WAF rule that only allows traffic for a specific request URI (/example-path) if it contains a particular cookie, Cookie=abc123, and blocks all other requests.

Additionally, could someone clarify the difference between configuring the policy this way:

  1. RequestHeaders['Cookie'], Operator=DoesNotEqual, Values="Cookie=abc123"
  2. RequestCookie, Values="CookieName", Operator=Equal, valueOfTheCookie="abc123"

I hope I explained myself clearly. Thanks in advance for your responses!

 

No RepliesBe the first to reply

Resources