Forum Discussion

Nimbostratus

Jan 07, 2022

Impact of adding new rules in Block mode

When new rules are added to a managed rule set, they are added in Block mode. In a production environment, that could cause legitimate traffic to start being blocked. How are customers supposed...

MVP

Jan 26, 2022

The AWS WAF is basically linux modsecurity so no matter if you use the F5 rules or AWS ones this are the AWS WAF limitations as there is no machine learning or new rules or modified being placed in learning mode like the F5 signatures.

The only option I can suggest is to use AWS waf version managment and to change the "default" setting to a specific version and each week to manially check for a new version and if there is a new version to select it and then to test in a test window. you my try to automate this in some way.

https://docs.aws.amazon.com/waf/latest/developerguide/waf-managed-rule-groups-versioning.html

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Impact of adding new rules in Block mode

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

HA Failover between two Datacenters

AST Configuration Assistance

Identify which virtual servers are using a specific SSL certificate

APM VPN LDAP POOL can't contact ldap server.

Users account sessions mixed up..

Related Content

Technical Impacts of Open Banking and Financial Data Exchange on Financial Systems

F5 Distributed Cloud Origin Server Subset Rules

LTM Cipher rule

F5 NGINX HTTP Request Header Rules: What’s Permitted and What’s Not

F5 Rules for AWS WAF - Rule ID to Attack Type Reference

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS