Sense Defence Firewall Rule Overview
With Sense Defence Firewall Rules, you can establish guidelines to examine incoming data traffic. Depending on the rule, you can then block, challenge, record, or permit particular requests.
Key Features:
- Guided Protection: Take advantage of the preset rulesets offered by Sense Defence or tailor your firewall rules. These rules can be set up either through the Sense Defence control panel or using the API.
- Advanced Customization: The expression of each rule can draw from a wide array of HTTP request parameters and fields. This capability enables the crafting of intricate rule conditions.
Availability:
- Universal Access: Firewall rules are a standard feature available for all plans.
- Unlimited Rules: Sense Defence doesn't restrict the number of firewall rules you can implement for a website. However, be mindful of your web application's performance, as processing numerous rules for each request might impact its efficiency.
Supported Actions:
The following table outlines the actions you can define within firewall rules. These actions follow a specific hierarchy, determining which action gets priority if the same request meets two different rules of equal importance.
For instance, if a request aligns with a rule set to 'Allow' and another rule set to 'Block', the 'Allow' action takes priority due to its higher precedence. As a result, Sense Defence will permit the request.
However, two exceptions to this order exist: the 'Log' and 'Bypass' actions. Differing from other actions, 'Log' and 'Bypass' don't conclude the evaluation process within firewall rules. So, if a request correlates with two separate rules, with one indicating 'Log' or 'Bypass' and the other indicating a different action, the latter action will be executed—even though 'Log/Bypass' typically has priority.
Action | Description |
Log | Logs requests that align with specified criteria in the Cloudflare Records. |
Bypass | Enables users to temporarily turn off Cloudflare's security functions for specific requests |
Allow | Matching requests are exempt from Bypass, Block, and challenge actions triggered by other firewall rules |
Challenge | Helps reduce the lifetimes of human time spent solving interactive challenges across the Internet |
Block | Matching requests are denied access to the site |
Order of Execution
Sense Defence processes firewall rules based on their sequence in the list, assessing them as they are laid out. When handling a limited number of rules, the list order is advantageous. You can effortlessly adjust their sequence using the up/down arrows to position them.
Related Articles
Create Firewall Rule
In the Sense Defence firewall, each rule consists of an expression and an action. If an incoming HTTP request aligns with a rule's expression, Sense Defence will execute the designated action. Setting Up a Firewall Rule in Sense Defence Starting the ...Sense Defence OWASP Core Rule Early Blocking
OWASP released early blocking feature for its core rules sets in Sprint 2022 and Sense defence adapted the changes immediately on its core rules selections. This feature is available for all users - including our community edition customers at free ...Sense Defence Certificate Management
Overview Sense Defence is an AI-powered Web Application Firewall (WAF) solution that offers robust features for SSL (Secure Sockets Layer) certificate management. Users can opt between generating a free wildcard certificate or uploading their own SSL ...Onboarding a Site to Sense Defence WAF
Sense Defence’s Web Application Firewall (WAF) offers both security and acceleration at the web application level. To begin the process of securing and speeding up a web application, a “site” must be added to a Sense Defence customer organisation. ...Onboarding Site to Sense Defence WAF
Sense Defence’s Web Application Firewall (WAF) offers both security and acceleration at the web application level. To begin the process of securing and speeding up a web application, a “site” must be added to a Sense Defence customer organisation. ...