The BASIC > Services page allows you to create content rules for a service. Rules added to the service allow content-aware processing decisions for web traffic within that service. Rules can use HTTP request headers to make load balancing and caching policy decisions. The type of challenge to be presented to the incoming clients for validation can be enabled when you edit a content rule in the BASIC > Services page.
To add a content rule to a service:
- In the BASIC > Services page, Services section, locate the service you want to add a content rule to.
- Click Rule next to the service. The Add Content Rule window appears.
- Specify values for the following fields:
  - Rule Group Name – Name to identify this rule group.
  - Status – Set to On to make this rule group part of the rule match.
  - Mode – By default, a service is set to Passive mode, which allows intrusions to pass to the servers but logs them to assist in refining the security policy. Set to Active to log and block intrusions. Active mode enforces the policy according to the action policy defined for the violation group in the SECURITY POLICIES > Action Policy page.
    - Active – Blocks any request when an anomaly or intrusion is observed.
    - Passive – Logs all anomalies and intrusions found and allows the traffic to pass through the Barracuda Web Application Firewall. Use this mode in the initial stages of deployment, when you cannot allow any false positives that might break the service.
  - Access Log – Set to Enable to generate access logs for a service.
  - Host Match – Enter the matching criteria for the host field in the request header. This is either a specific host match or a wildcard host match with a single " * " anywhere in the host name. Specify * if you want the rule to be matched with any host. If the service hosts multiple applications under different domains and you wish to add the rule only for a particular domain, enter the relevant host name. For example,
  - URL Match – Enter the matching criteria for the URL field in the request header. The URL should start with a "/" and can have only one " * " anywhere in the URL. A value of /* means that the ACL applies for all URLs in that domain. Use /* if you want to cover all the URLs in your domain. For example,
  - Extended Match – Enter an expression that consists of a combination of HTTP headers and/or query string parameters. Use '*' to apply the rule to any request, without an extended match condition. Refer to Extended Match Syntax Help to find out how to write extended match expressions.
  - Extended Match Sequence – Specify a number that will determine the order for matching the extended match rule. The order range is 1 to 1000 (default is 1000).
- Click Add.
For additional information, see How to Redirect Traffic to a Different Back-end Server Based on a URL Pattern.
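The Host Match and URL Match constraints above can be checked before rules are entered. The following is an added example, not Barracuda code: it validates patterns against the stated limits and shows which enabled rules would match a request. The function names, the sample rules, the treatment of '*' as any run of characters, and the lower-sequence-first ordering are assumptions; Extended Match expressions are not modelled.

```python
def validate_pattern(pattern, kind):
    """List problems with a Host Match ('host') or URL Match ('url') value."""
    problems = []
    if not pattern:
        problems.append("empty pattern")
    if pattern.count("*") > 1:
        problems.append("more than one '*'")
    if kind == "url" and not pattern.startswith("/"):
        problems.append("URL Match must start with '/'")
    return problems


def wildcard_match(pattern, value, ignore_case=False):
    """Match a value against a pattern holding at most one '*'.

    Assumption: '*' stands for any run of characters, including none.
    """
    if ignore_case:
        pattern, value = pattern.lower(), value.lower()
    if "*" not in pattern:
        return pattern == value
    prefix, suffix = pattern.split("*", 1)
    # The length check stops prefix and suffix from overlapping in the value.
    return (len(value) >= len(prefix) + len(suffix)
            and value.startswith(prefix) and value.endswith(suffix))


def matching_rules(rules, host, path):
    """Names of enabled rules that match, ordered by Extended Match Sequence.

    Assumption: a lower sequence number is evaluated first.
    """
    hits = [r for r in rules
            if r["status"] == "On"
            and wildcard_match(r["host"], host, ignore_case=True)  # host names are case-insensitive
            and wildcard_match(r["url"], path)]  # assumption: URL paths compared case-sensitively
    return [r["name"] for r in sorted(hits, key=lambda r: r["sequence"])]


# Constructed sample rules (not taken from any real configuration).
RULES = [
    {"name": "static", "host": "*", "url": "/static/*", "sequence": 10, "status": "On"},
    {"name": "shop", "host": "shop.example.com", "url": "/*", "sequence": 20, "status": "On"},
    {"name": "api", "host": "*.example.com", "url": "/api/*", "sequence": 5, "status": "On"},
    {"name": "old-api", "host": "*", "url": "/api/*", "sequence": 1, "status": "Off"},
]

if __name__ == "__main__":
    for rule in RULES:
        print(rule["name"], validate_pattern(rule["host"], "host"), validate_pattern(rule["url"], "url"))
    print(matching_rules(RULES, "SHOP.example.com", "/api/v1/items"))
```

A request that matches more than one rule, as in the sample run, is a sign that two rule groups overlap and that their Mode settings (Active or Passive) should be reviewed together.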