Third-party rules can be uploaded to the LoadMaster. You can also write your own custom rules, which can be uploaded. These rules must be in the ModSecurity rule format in order to upload correctly. The Custom Rules screen enables you to upload WAF Custom Rules (.conf) and associated WAF Custom Rule Data (.data or .txt) files. The first character in the filename must be an alpha character or an underscore (_). The other characters in the filename can include full stops (.) or dashes (-). You can also upload gzip-compressed Tarball files (.tar.gz), which contain multiple rule and data files.

Note: We do not recommend using the WAF rule "redirect" action in custom rules because of the impact this has on system performance. You should use content rules instead for that purpose.
Note: Based on OWASP recommended best practices, the order of WAF rule processing was changed in LoadMaster firmware version 7.2.57. As of 7.2.57, custom rules are processed before the OWASP CRS rules.

To check the order that the rules are processed in:

  1. Navigate to System Configuration > Logging Options > System Log Files > Debug Options and click the Enable Logging button next to Enable WAF Debug Logging.
  2. Once WAF debug logging is enabled and WAF debug logs exist, the WAF Debug Log File option becomes available in the System Log Files screen. Click View to view the WAF debug log file.
  3. The log shows the order in which the rules are processed. Lines that say Invoking rule mark the point at which each rule was processed.
CAUTION: Enabling WAF debug logging generates logs that may include Personally Identifiable Information as defined under the General Data Protection Regulation (EU GDPR). You should follow your organization's best practice to protect this information, which may include anonymizing, deleting, or encrypting the data within the logs.

Installed Rules: Choose File.

Individual custom rules can be uploaded as .conf files. Alternatively, you can load a package of rules in a .tar.gz file. After selecting the rule files to be uploaded, click the Add Ruleset button.

WAF Custom Rule Data: Choose File.

Upload any additional data files with associated data for the rules.

These are the data files that the rules reference. If you uploaded the rules as a Tarball, the rules and data files can be packaged together in it. After selecting the data files to be uploaded, click the Add Data File button.
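A pre-upload check for a set of custom rule and data files, given here as an added example that is not part of the original documentation or the LoadMaster product. It validates filenames against the naming rule stated above, confirms that every data file a rule loads with ModSecurity's @pmFromFile or @ipMatchFromFile is in the set, and packs the set into a .tar.gz. The function names, the sample rule, the flat archive layout, and the assumption that characters after the first may be letters, digits, underscores, full stops or dashes are illustrative.

```python
import io
import re
import tarfile

# Assumption: characters after the first may be letters, digits, "_", "." or "-".
NAME_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_.-]*$")
RULE_EXT = (".conf",)
DATA_EXT = (".data", ".txt")
# ModSecurity operators that load an external data file (long and short forms).
FROM_FILE_RE = re.compile(r"@(?:pmFromFile|pmf|ipMatchFromFile|ipMatchF)\s+([^\s\"']+)")

def check_bundle(files):
    """Return a list of problems for a {filename: text} set of rule/data files."""
    problems = []
    for name in files:
        if not NAME_RE.match(name):
            problems.append(f"{name}: invalid filename")
        elif not name.endswith(RULE_EXT + DATA_EXT):
            problems.append(f"{name}: extension must be .conf, .data or .txt")
    for name, text in files.items():
        if not name.endswith(RULE_EXT):
            continue
        for line in text.splitlines():
            if line.lstrip().startswith("#"):
                continue  # ignore commented-out rules
            for ref in FROM_FILE_RE.findall(line):
                if ref not in files:
                    problems.append(f"{name}: data file {ref} is not in the bundle")
    return problems

def build_tarball(files):
    """Pack validated files into a flat gzip-compressed tarball (returned as bytes)."""
    problems = check_bundle(files)
    if problems:
        raise ValueError("; ".join(problems))
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, text in sorted(files.items()):
            data = text.encode("utf-8")
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

# Constructed sample: one custom rule that reads a word list from a data file.
SAMPLE = {
    "custom_agents.conf": 'SecRule REQUEST_HEADERS:User-Agent "@pmFromFile bad_agents.data" "id:10001,phase:1,deny,status:403,log"\n',
    "bad_agents.data": "examplescanner\n",
}
```

Writing the bytes returned by `build_tarball(SAMPLE)` to a file such as `custom_rules.tar.gz` (a name chosen here) gives a single package containing both the rule and its data file.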

Note: Custom rules and data files can be deleted or downloaded by clicking the relevant buttons.
Note: If a rule is assigned to a Virtual Service, it will not be available for deletion.