> ## Documentation Index
> Fetch the complete documentation index at: https://docs.verbex.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# WAF User Guide

**WAF - Web Application Firewall - Feature Request from Japan**

### **User Guide for WAF Configuration in Verbex**

#### **1. Accessing WAF Configuration**

To begin configuring your **WAF (Web Application Firewall)**, navigate to the **Dashboard** of your Verbex account. In the left-hand sidebar, find and click the **WAF Configuration** option.

You will be presented with the following UI elements:

* **WAF Toggle**: A toggle button at the top of the page to enable or disable WAF for your organization.
* **WAF Rule Table**: Displays the current WAF rules applied to the organization, including **IP Address**, **IP Type**, **Action**, **Reason**, **Notes**, **Expires At**, and an **Actions** column for managing the rules.

The screen may initially display "No WAF rules found" if no rules have been configured yet.

#### **2. Enabling WAF**

Once you access the **WAF Configuration** section, the first step is to enable WAF if it is not already activated for your organization.

**UI Flow**:

1. **Click the WAF Toggle**: Switch the toggle to **ON** to activate the WAF functionality for your organization.
2. **Confirmation Dialog**: A modal will appear confirming if you want to enable WAF. You will be asked to select a **Default Policy**:
   * **ALLOW**: Allows all traffic by default and blocks only explicitly denied requests.
   * **DENY**: Denies all traffic by default, only allowing explicitly allowed requests.

**Action**:

* Choose the **Default Policy** for your organization based on your security requirements.
* Click **Enable** to confirm the settings and activate WAF.

#### **3. Editing Default Policy**

After enabling WAF, you can adjust the **Default Policy** settings.

**UI Flow**:

1. **Click the 'Edit' Icon**: Next to the default policy setting in the WAF Configuration screen, click the **Edit Default Policy** button.
2. **Modify Default Policy**: You can select between **ALLOW** or **DENY** from the dropdown menu, depending on your security needs.
3. **Save Changes**: After selecting the appropriate policy, click **Update** to save the changes.

This setting will affect all traffic until further specific rules are added.

#### **4. Creating WAF Rules**

To protect your platform from malicious traffic, you can create **custom WAF rules** based on your security needs.

**UI Flow**:

1. **Click 'Create WAF Rule'**: This will open a modal where you can define a new rule for your WAF configuration.
2. **Fill in Rule Details**:
   * **IP Address**: Specify the IP address, CIDR notation, or IP range to apply the rule to.
   * **IP Type**: Select the type of IP address matching (e.g., **EXACT** or other types, depending on your preference).
   * **Reason**: Provide a brief explanation of why this rule is being added (e.g., **DDoS Attacker**).
   * **Notes**: Optionally, add additional notes for clarification.
   * **Expires At**: Set an expiration date for this rule if it's temporary.
3. **Click Create**: Once all fields are filled in, click **Create** to finalize the new rule.

#### **5. Managing WAF Rules**

Once WAF is enabled and rules are configured, you can manage existing WAF rules directly from the **WAF Configuration** page.

* **View Existing Rules**: In the rule table, you can see all the configured rules, including their **IP Address**, **IP Type**, **Action**, **Reason**, and expiration details.
* **Delete or Edit Rules**: The **Actions** column provides options to either **Edit** or **Delete** existing rules. Click the **ellipsis** (...) icon next to the rule for more options.

#### **6. Monitoring WAF Configuration**

With WAF enabled and rules applied, it’s important to regularly monitor the firewall configuration to ensure it is functioning as intended.

* **Review Blocked Traffic**: Verbex logs traffic that has been blocked based on WAF rules. You can periodically check for any blocked requests that may indicate malicious activity.
* **Adjust Rules as Needed**: If necessary, you can update or remove rules based on changes to the security landscape or false positives.

#### **7. Troubleshooting**

* **WAF Not Blocking Traffic**: Ensure that the rules are correctly configured and that the IP addresses or ranges are accurately specified.
* **Incorrect Policy Behavior**: If the policy doesn't behave as expected (e.g., blocking valid requests), verify that the **Default Policy** is set correctly, and check the individual rules for conflicts.
* **Expired Rules**: If a WAF rule is no longer needed, ensure it is deleted or the expiration date is set properly to avoid security lapses.

1. **Start with Default Allow or Deny**: Choose a default policy that aligns with your organization's security needs (e.g., **ALLOW** for high-trust environments or **DENY** for stricter control).
2. **Granular Rules**: Use specific IP ranges and precise actions in your rules to prevent misconfigurations and unintended blocks.
3. **Regular Monitoring**: Frequently review and adjust WAF rules to address evolving security threats.
4. **Document Reasoning**: Always add a clear reason and notes to each rule for future reference and compliance purposes.
