Web application firewall and CRS rules

Mlytics web application firewall (WAF) protects your domain from common vulnerabilities and exploits. It does this through core rule sets (CRS) based on the Comodo WAF rules v1.233.

You can find the CRS rules in 'CDN' > 'Enhanced security' > 'CRS rules'.

There are three main categories under the 'CRS rules' feature:

  • XSS rules
  • SQL injection rules
  • Generic injection rules: all other web application attacks

The rulesets

When viewing a ruleset, you can see a list of rules, each with its rule ID, threats, action, and whether that action is enabled. Rules can be enabled or disabled individually by toggling the switch.

The actions available for each rule are:

  • Simulate: the request is allowed through but is logged in the 'Threat log'
  • Block: the request is blocked
  • Pass: the rule is ignored and the request is allowed

To perform bulk management of CRS rules, check this article.