Web application firewall and CRS rules

Mlytics web application firewall (WAF) protects your domain from common vulnerabilities and exploits. This is done through core rule sets (CRS) that are defined based on the Comodo WAF rule v1.233. The CRS covers the OWASP Top 10 vulnerabilities.

You can find CRS rules by navigating to ‘ Origin Shield’ > 'CRS rules'.

You need to set the target domain from the ‘ Operation level panel’.

There are three main categories under the 'CRS rules' feature:

  • XSS rules
  • SQL injection rules
  • Generic injection rules: all other web application attacks

The rulesets

When viewing a ruleset, you can check their rule ID, the type of threat with its name, the action to be performed, and whether a particular rule is enabled or not. 

The actions available on each rule are:

  • Simulate: the request is allowed but will be logged in the 'Threat log'
  • Block: the request will be blocked
  • Pass: the request is allowed by ignoring the rule

These rules can be enabled/disabled individually by toggling the switch. To perform bulk management of CRS rules, check this article.