IBM Cloud Docs
WAF ruleset actions

CIS WAF capabilities are moving to the Ruleset Engine rules language. For more information on this change, see Migrating to managed rules.

The following table shows the actions that Web Application Firewalls (WAFs) can take.

WAF actions

| Action | Rulesets | Definition |
|---|---|---|
| Block | All | Blocks an attack and stops any action before it is posted to your website. |
| Log | All | To test for false positives, set the WAF to Log mode, which records the response to possible attacks without challenging or blocking. |
| Challenge | All | Managed challenge: Dynamically chooses the appropriate type of challenge based on the characteristics of the request. Interactive challenge: Solve a puzzle to proceed. JavaScript challenge: A challenge page asks visitors to submit a CAPTCHA to continue to your website. |

In Enterprise plans, you have the flexibility to turn on or off individual WAF rules for a particular URI in a domain, instead of the whole domain or subdomain. For more information, see the waf-override-create command.