WAF actions

The following table shows the actions that Web Application Firewalls (WAFs) can take.

Table 1. WAF actions
Action	Rule sets	Definition
Block	All	Blocks an attack stops any action before it is posted to your website.
Skip	Firewall rules	Skip the remaining rules in the current rule set.
Log	All	To test for false positives, set the WAF to Log mode, which records the response to possible attacks without challenging or blocking.
Challenge	All	Manged challenge: Dynamically chooses the appropriate type of challenge based on the characteristics of the request. Interactive challenge: Solve a puzzle to proceed. JavaScript challenge: A challenge page asks visitors to submit a CAPTCHA to continue to your website.

In Enterprise plans, you have the flexibility to turn on or off individual WAF rules for a particular URI in a domain, instead of the whole domain or subdomain. For more information, see the waf-override-create command.