Security Policies and Rules

The security policy you apply to your web application impacts what security events you'd like WAF to respond to.


Start with a blank security policy or choose from out-of box templates for Web CMS and Web technologies, provided by Qualys.


We'll automatically add firewall rules (on the Rules tab) for:

1) Custom rules - These are rules you define using the wizard.

2) Exceptions - These rules apply to selected events on your web application. The rule action (always block or allow) will be the opposite of the original event's action.

3) Virtual Patches - These rules will block exploitation of selected vulnerabilities on your web application.


Quick Links

Your security policies

Your web apps

From the Community

Follow, share, participate in our WAF community

Join now