What are the definitions for each firewall/API rule operator?

When you're adding a new firewall or API protection rule, chances are you'll have to decide which operator to use for your rule. 

The operator defines the rule on how the ‘ specified value’ and the ‘field’ (e.g. ‘URI in request w/o query string’, or ‘Parameter in REQUEST, etc.) will relate to each other in order to produce a valid response (Pass, Block, API protection, etc.).

Here are the definitions for all operators:

Operator Definition
regex (regular expression) True if field matches the specified regex pattern (value)
streq (string equal) True if field exactly matches the specified value
contains True if field contains all the specified value/s
within True if field is within the specified URL (value)
prefix True if field starts with the specified value
suffix True if field ends with the specified value
include True if field contains at least one of the specified values

Here are some examples:

Given the target field: URI w/o query = test.com/api/test/1

streq:  if URI w/o query is exactly the same with test.com/api/test/1 = then match streq case

contains:  if URI w/o query contains api = then match contains case

within:  if URI w/o query is within url test.com/api/test/1/what/ever/ = then match within case

prefix:  if URI w/o query starts with test.com = then match prefix case

suffix:  if URI w/o query ends with /test/1 = then match suffix case

include:  if URI w/o query contains EITHER /api/ OR /test/ = then match include case

regex:   if URI w/o query match regex pattern [\w\/\.]+ = then match include case

Note:

Regex is a popular string search method, it is used to find all strings that match your pattern. Popular programming languages, such as python support regex. 

For the example above:

  • [] means matches a single character that is contained within the brackets
  • \w means Alphanumeric characters plus "_", e.g. [A-Za-z0-9_]
  • \/ means slash. Backslash \ is placed before slash / because / is a reserved character in regex, so we need to use \/ to represent /
  • \. means dot. Dot . is also a reserved character, hence need to put \ before it
  • [\w\/.] means find characters that match A-Z, a-z, 0-9, _, /, .
  • + means indicates one or more occurrences of the preceding element

Therefore, [\w\/.]+ means find strings match one or more occurrences of ( A-Z, a-z, 0-9, _, /, . )