# Manage Rules & Actions The **Web Application Firewall (WAF)** allows you to define **Custom Rules** that specify how incoming traffic is evaluated.\ Each rule can match certain request attributes and apply an action — such as **Block**, **Allow**, or **Log Only** — when conditions are met. {% hint style="info" %} Managed Rules are automatically maintained by Medianova’s Security Team.\ Custom Rules are created manually to adapt the WAF to your specific application needs. {% endhint %} {% stepper %} {% step %} #### Access the Rule Management To manage rules, log in to the [**Medianova Control Panel**](https://cloud.medianova.com): 1. Go to **Security → WAF**. 2. Select your **Dynamic CDN Resource**. 3. Open the **Rules & Actions** tab. You’ll see a list of existing Custom Rules and the option to create new ones. {% hint style="info" %} Managed Rules are always active by default. You can combine both Managed and Custom Rules for layered protection. {% endhint %} {% endstep %} {% step %} #### Create a New Custom Rule Follow these steps to add a new rule: 1. Click **Add Rule**. 2. Enter a **Rule Name** for easy identification. 3. Select a **Field** (parameter) from the dropdown — such as: * Request Method (GET, POST, etc.) * Client IP * Request URI * User Agent * Referrer 4. Choose an **Operator**, such as *equals*, *contains*, or *matches*. 5. Enter the **Value** to match. 6. (Optional) Add additional conditions using the **And** operator. 7. Select an **Action** to perform when the rule conditions are met: * **Block** – Reject the request and log the event. * **Allow** – Permit the request to proceed to origin. * **Log Only** – Record the request for review without blocking. 8. Click **Save** to apply the rule. {% hint style="info" %} You can chain up to **three conditions** in a single rule. Complex logic combinations are not supported. {% endhint %} {% hint style="info" %} Use “Log Only” for testing before switching to “Block” to minimize false positives. {% endhint %} {% endstep %} {% step %} #### Edit or Delete Existing Rules You can modify or remove existing rules at any time: * **Edit:** Click the **Edit** icon next to a rule, adjust the fields or actions, and click **Save**. * **Delete:** Click the **Delete** icon to permanently remove the rule. * **Reorder (if supported):** Drag and drop to change rule evaluation priority. {% hint style="info" %} Review logs frequently to ensure that new or modified rules behave as expected. {% endhint %} {% endstep %} {% endstepper %} #### Understand Rule Actions Each action defines how WAF handles a matched request: | Action | Behavior | | ------------ | -------------------------------------------------------- | | **Block** | Immediately rejects the request with an error response. | | **Allow** | Lets the request pass to the origin server. | | **Log Only** | Records the event for analysis without blocking traffic. | > **Note:** “Log Only” is ideal for testing or monitoring potential issues before applying stricter blocking rules.