Polaris allows users to create custom rules such that the site will respond to every request appropriately as it passes through Polaris. Every rule contains a name, the rule condition, and the action to take based on the rule condition.
To access this feature, go to 'Settings':
Under 'SITES', select your domain and click on 'Settings'. Click on the 'Rules' tab and select 'Custom'.
To add a new custom rule, click on the blue 'Add Rule' button and a window will appear:
You can customize your new rule here.
These parameters help you customize your rule:
1) Rule Name: A specific name to differentiate your rule from other rules.
2) Define Rule Conditions
2a) The parameter to check. When a request comes in, Polaris checks for the information matching this parameter, the available parameters are:
- AS Num
- IP Address
- Request Method
- URI Full
- URI Path
- User Agent
- Threat Score (Threat Scores ranges from 1 to 100)
2b) Operator. The operator defines how Polaris compares the above selected parameter, the available options are:
- Does not equal
- Is in
- Is not in
- Greater than
- Less than
- Greater than or equal to
- Less than or equal to
2c) Value: Define the value for the parameter and operator to compare with.
2d) Logical Functions. This can be used to further customize the rule for it to be more precise as it allows you to add another parameter, operator, and operator value within the rule. However, the use of logical functions are optional, the available functions are:
- AND: To match different/all conditions within the same rule.
- OR: To match at least one of the multiple conditions within the same rule.
3) Action to be taken by Polaris. This defines the appropriate section for Polaris to take if the parameter(s), operator, and operator values match, the following available actions are:
- Allowed: Polaris allows the request to be forwarded for processing and response.
- Blocked: The request is denied and responded with a HTTP 403 (Forbidden) status code.
- Challenged (Captcha): Polaris will display a captcha challenge before the user can view the content.
- Log: Polaris will log it as a security event if it matches the custom rule's action.
- Redirect: Polaris redirects the web traffic to another server.
- Rewrite URI: Polaris updates a certain part in the URI with new information.
- Rewrite Header: Polaris updates a certain part in the header request with new information. Refer to the section below for more details.
- Remove Header: Polaris removes the header from the request.
- Rewrite Cookie: Polaris updates information in the cookie. Refer to the section below for more details.
- Remove Cookie: Polaris removes the cookie.
- Set origin IP address.
- Browser Integrity Check: Refer to this article for more details.
That's it, your new custom rule has been created! You may turn on/off and update the rule at anytime.
To rewrite header, the following information needs to be provided:
1) Header Name
2) Rewrite from
3) Rewrite to
4) Rewrite response: Polaris will redirect it to it's original request
5) Rewrite add to missing: In the event that the header does not exist, Polaris will add an empty string to the header when this option is turned on.
1) Cookie Name
2) Rewrite from
3) Rewrite to
4) Rewrite add if missing: If the cookie does not exist, Polaris will add an empty string to it when this option is turned on.