How to disable the WAF rule engine for a particular URI location
It may be necessary to bypass the WAF for a particular URI location; to prevent false positives; or to gain better performance by decreasing the WAF processing load. The latter may be warranted if there are many requests to a location which does not require the WAF protection. This improves the performance of the service by eliminating unneeded processing.
There are two ways to accomplish this:
1. Use SubVS’s which handle both WAF and non-WAF requests.
a. Modify the Virtual Service and create two Sub-Vitual Services (SubVS).
b. Enable WAF on one SubVS and leave WAF disabled on the other.
c. Create a content rule to match the URI - /myscripts/script.php
-Rule Name = User defined
-Rule Type = Content Matching
-Match Type = RegEx
-Header Field = leave this field blank
-Match String /^\/myscripts\/script\.php$/
-Ignore Case = checked
d. Enable Content Switching on the parent VS under Advanced Properties
e. Apply the rule to the WAF disabled subVS.
f. Apply the “default” rule to the WAF enabled subVS.
2. Create a custom rule that will switch off the WAF engine for the specified URI
Location = /myscripts/script.php
SecRule REQUEST_FILENAME "^/myscripts/script\.php$"