F5XC - WAF - WAF exclusion rules in Shared Namespace
Currently, the WAF exclusion rule set is a key in a HTTP LB object.
However, a lot of Apps can be developped on a same framework, so these apps can have a same False Positive / WAF exclusion rule and already known before deploying a LB. WAF exclusion rule could defined also in the Shared namespace
https://www.f5cloudideas.com/ideas/CNSL-I-622
-
Matthieu Dierick
- Jun 6 2025
Related ideas
Hello Matthieu,
I think it's an excellent idea to create WAF exclusion rules as objects. Currently, if someone accidentally removes a large number of exclusion rules, there is no way to undo the changes. Moreover, the console does not display any warnings or confirmations indicating that key-value entries will be permanently deleted.
Implementing object-based rules would greatly improve manageability and reduce the risk of accidental data loss.
I observed also that the customer to roll back the changes have to create a dummy entry to show up the exclusion rule section and then can copy and past the JSON format from the audit logs to undo changes.