Managed rules for Enterprise, exclude a subset of domains using managed rule scope
Let's say I have an enterprise account, and all the domains from a.com through z.com under the enterprise plan. At the account level I have deployed a managed ruleset for ENT.
Now I need to exclude one specific rule ID from the managed ruleset on a subset of domains h.com <-> p.com. How would I go about that efficiently?
Obviously I can create a WAF exception per zone and iterate, but can I, for example, change the scope for managed rules like
(in order)
1. Managed ruleset
scope hostname does start with h.com, i.com, j.com etc. and disable the specific rule
2. Managed ruleset
scope All incoming requests
i.e. first create a managed ruleset for only a subset of domains and then one for all domains. But will I hit both rules, or will CF use the order and provide the desired result by first applying rule number 1 and rule number 2 for all the other ones? Or how should I think regarding scoping managed rules?
1 Reply
I guess an API script would be an option to iterate the rollout, but this is atm beyond my skill to understand how to configure rulesets etc. using the API.
Or... I can deploy a managed exception for the enterprise... 🤦🤯😁