Custom Rules

Polaris allows users to create custom rules such that the site will respond to every request appropriately as it passes through Polaris. Every rule contains a name, the rule condition, and the action to take based on the rule condition. 

To access this feature, go to 'Settings':

Under 'SITES', select your domain and click on 'Settings'.

Click on the 'Rules' tab and select 'Custom'.

To add a new custom rule, click on the blue 'Add Rule' button and a window will appear:

You can customize your new rule here.

These parameters help you customize your rule:

1) Rule Name: A specific name to differentiate your rule from other rules. 

2) Define Rule Conditions

2a) The parameter to check. When a request comes in, Polaris checks for the information matching this parameter, the available parameters are:

1. AS Num
   
2. Cookie
   
3. Country
   
4. Hostname
   
5. IP Address
   
6. Referer
   
7. Request Method
   
8. URI Full
   
9. URI Path
   
10. User Agent
    
11. Threat Score (Threat Scores ranges from 1 to 100)
    

2b) Operator. The operator defines how Polaris compares the above selected parameter, the available options are:

1. Equals
   
2. Does not equal
   
3. Is in
   
4. Is not in
   
5. Greater than
   
6. Less than
   
7. Greater than or equal to
   
8. Less than or equal to 
   

2c) Value: Define the value for the parameter and operator to compare with.

2d) Logical Functions. This can be used to further customize the rule for it to be more precise as it allows you to add another parameter, operator, and operator value within the rule. However, the use of logical functions are optional, the available functions are:

1. AND: To match different/all conditions within the same rule.
   
2. OR: To match at least one of the multiple conditions within the same rule.
   

3) Action to be taken by Polaris. This defines the appropriate section for Polaris to take if the parameter(s), operator, and operator values match, the following available actions are: 

1. Allowed: Polaris allows the request to be forwarded for processing and response.
   
2. Blocked: The request is denied and responded with a HTTP 403 (Forbidden) status code.
   
3. JS Challenged: Polaris will run a JavaScript validation challenge before the user can view the content.
   
4. Challenged (Captcha): Polaris will display a captcha challenge before the user can view the content.
   
5. Log: Polaris will log it as a security event if it matches the custom rule's action.
   
6. Redirect: Polaris redirects the web traffic to another server.
   
7. Rewrite URI: Polaris updates a certain part in the URI with new information.
   
8. Rewrite Header: Polaris updates a certain part in the header request with new information. Refer to the section below for more details.
   
9. Remove Header: Polaris removes the header from the request.
   
10. Rewrite Cookie: Polaris updates information in the cookie. Refer to the section below for more details.
    
11. Remove Cookie: Polaris removes the cookie.
    
12. Set origin IP address.
    
13. Browser Integrity Check: Refer to this article for more details.
    

That's it, your new custom rule has been created! You may turn on/off and update the rule at anytime.

Rewrite Header

To rewrite header, the following information needs to be provided:

1) Header Name

2) Rewrite from

3) Rewrite to

4) Rewrite response: Polaris will redirect it to it's original request

5) Rewrite add to missing: In the event that the header does not exist, Polaris will add an empty string to the header when this option is turned on.

Rewrite Cookie

1) Cookie Name

2) Rewrite from

3) Rewrite to

4) Rewrite add if missing: If the cookie does not exist, Polaris will add an empty string to it when this option is turned on.

• Related Articles

• OWASP Rules

  This article describes how to configure OWASP rules. To access OWASP Rules: Under 'SITES', select your domain and click on 'Settings'. Click on the 'Rules' tab, and ensure OWASP Rules is turned on. What is OWASP The Open Web Application Security ...

• 7. Zero Trust Access (ZTA) - Custom Access Domain

  A part of the Zero Trust Access feature is allowing for a customized access domain so that authorized users can log into your zero trust applications. Within the Zero Trust settings, you'll find this option under the Configuration tab.    Note: If ...

• N-Day & New Attack Vectors

  This article describes and explains the N-Day & Attack Vector rules in Polaris, these features are turned on by default and can be found in the settings of Polaris. To access the Rules tab: Under 'SITES', select your domain and click on 'Settings'. ...

• Load Balancing - what is it?

  Load balancing is the process of efficiently distributing network traffic between multiple servers to ensure that no single server gets overloaded and stressed at any point in time.  These are just some of the benefits of load balancing: Better ...

• Browser Integrity Check - Polaris Loading Screen

  What is the loading screen? When a user first connects to a website protected by Polaris, there is a loading screen informing them that the website is protected by Polaris and that they will be redirected shortly. This is part of the browser ...