A WAF ruleset is a group of WAF rules designed to protect against a specific type of attack or threat. For example, there might be a ruleset for protecting against SQL injection attacks, another ruleset for protecting against cross-site scripting attacks, and so on
WAF rulesets can be pre-configured or custom-created. Pre-configured rulesets are maintained by the SKUDONET security team and are designed to protect against the most common types of attacks. Custom rulesets can be created to address specific threats or vulnerabilities that are unique to your organization.
If you want to know more about SKUDONET preloaded rulesets please refer to this article
How to create a new WAF ruleset
- Go to IPDS > WAF > Rulesets.
- Click the Create WAF ruleset button.
- Fill in the required information:
- Name: A memorable name for the ruleset.
- Copy from ruleset: Select an existing ruleset to copy. This is useful for testing new rulesets without modifying the originals.
- Click Apply to create the new ruleset.
Additional information:
If you modify a rule from the skudonet-ipds package, it will not be overwritten when the package is upgraded. These rules will be used instead of the original ones, but you will not lose control of the changes and can be reverted to use the ones maintained by the SKUDONET security team instead.
Next Article: IPDS | WAF | Rulesets | Update
