Oracle Cloud Infrastructure Documentation

Managing WAF Policies

The Oracle Cloud Infrastructure WAF service enables you to create a WAF policy and origin.

Order of Processing

The order in which rules and handlers are processed is:

  1. IP Whitelists/Blacklists/Good Bot Whitelists
  2. Access Rules
  3. JavaScript Challenge
  4. Device Fingerprinting Challenge (available in the API)
  5. Human Interaction Challenge (available in the API)
  6. Captcha Challenge
  7. Protection Rules
  8. Rate Limiting (available in the API)

Using the Console

Create and Manage WAF Policies

To create a WAF policy
To update a WAF policy
To delete a WAF policy
To publish changes

To manage tags for a WAF policy

To move a WAF policy to a different compartment

Using the CLI

Open a command prompt and run the following command to get the details of a WAAS policy:

oci waas waas-policy get --waas-policy-id <policy_ocid>

This can be useful in retrieving the necessary information when opening a ticket with Oracle Cloud Infrastructure support. For more information about how to access and use the CLI, see Command Line Interface (CLI).

Using the API

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.