WAF custom role override - subpath
Hi, sorry if this is stupid question but is it possible to have one exception path for custom rule .. kind of:
/wp-admin/* to trigger managed chalange except if path is
/wp-admin/admin-ajax.php?action=*
I created it like this on image .. but it does not work..
Can someone else help what am I doing wrong?
Thaaanks!
(http.request.uri.path contains "/wp-login.php") or (http.request.uri.path contains "/wp-admin/" and not http.request.uri.path contains "/wp-admin/admin-ajax.php?action=")
2 Replies
The path doesn't contain the query string.
To break down the fields, let's say you have an incoming request "https://www.example.org/articles/index?section=539061&expand=comments":
http.request.full_uri (URI Full) -> "https://www.example.org/articles/index?section=539061&expand=comments"
http.host (Hostname) -> "www.example.org"
ssl (TLS/SSL) -> True (https)
http.request.uri (URI) -> "/articles/index?section=539061&expand=comments"
http.request.uri.path (URI Path) -> "/articles/index"
http.request.uri.query (URI Query String) -> "section=539061&expand=comments"
https://developers.cloudflare.com/ruleset-engine/rules-language/fields/
so you could do URI does not contain for the admin.ajax, would probably be the easiest
hey @Chaika thank you very much for reply,, but I've tried with what you suggested - URI field - but also didn't work.
Maybe it can be an issue because this is fetch request - hxr/ajax request to server?