Link11 WAAP
v5
v5
  • Link11 WAAP Documentation
  • Release Notes
  • Known Issues
  • User Guide
    • Introduction to Link11 WAAP
  • How Link11 WAAP Works
    • Traffic Filtering Process
    • Traffic Reporting and Analytics
    • Policy Mapping and Traffic Routing
    • Tagging
    • UI Overview and Common Elements
  • Console UI Walkthrough
    • Analytics
      • Dashboard
      • Events Log
    • Security
      • Global Filters
      • Flow Control Policies
      • Security Policies
      • Rate Limit Rules
      • ACL Profiles
      • Actions
      • Dynamic Rules
      • Quarantined
      • Content Filter
        • Content Filter Profiles
        • Content Filter Rules
    • Sites
      • Server Groups
      • Proxy Templates
      • Mobile Application Groups
      • Backend Services
      • Edge Functions
      • DNS Records
      • SSL
        • Load Balancers
        • Certificates
    • System
      • Interactive Challenge
      • SSO Configuration
      • Purge CDN Cache
      • Users Management
      • Security Alerts
      • Log Exporters
      • Version Control
      • System DB
      • Publish Changes
    • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Authenticate mobile app users
      • Ban, unban, and allowlist traffic sources
      • Bypass Link11 WAAP for loadtesting or other purposes
      • Configure a new path/section of a site
      • Control caching behavior
      • Enable GraphQL traffic
      • Enable mTLS (mutual TLS)
      • Protect sensitive information in logs and analytics
      • Quickly block an attacker
      • Redirect or block HTTP traffic
      • Run custom code
      • Set rate limits and exemptions
      • Stream event data to a SIEM solution or other destination
    • The Link11 WAAP API
      • Overview
      • Internal data structures
      • Using Swagger UI
      • Using curl
  • Reference Information
    • Acronyms
    • API
      • API access to traffic data
      • Types of namespaces
      • Namespace reference
        • ACL Profiles
        • Actions
        • Backend Services
        • Certificates
        • Configs
        • Content Filter Profiles
        • Content Filter Rules
        • Data queries
        • Dynamic Rules
        • Edge Functions
        • Flow Control Policies
        • Global Filters
        • Load Balancers
        • Log Exporters
        • Mobile Application Groups
        • Planets
        • Proxy Templates
        • Rate Limit Rules
        • Security Alerts
        • Security Policies
        • Server Groups
        • Tags
        • Tools
        • Users
    • Hostile Bot Detection / LWCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Log Exporter Output
    • Pattern Matching Syntax
    • Query Filter Syntax and Best Practices
  • Support
Powered by GitBook
On this page
  • Overview
  • Usage within applications and APIs
  • Administration
  • Components
  • Individual parameters
  • Name
  • Description
  • Type
  • Tags
  • Status code
  • Response Headers
  • Content

Was this helpful?

Export as PDF
  1. Console UI Walkthrough
  2. Security

Actions

Actions to perform in response to traffic analysis

PreviousACL ProfilesNextDynamic Rules

Last updated 1 month ago

Was this helpful?

Overview

At various stages in the traffic filtering process, Link11 WAAP can execute an action according to the characteristics of the request. These actions are defined within Actions.

Out of the box, L11WAAP includes several default Actions for admins to select. Additional ones can also be defined.

Usage within applications and APIs

Administration

The main page lists all current Actions.

Components

An Action consists of the following:

  • The Type of the action

  • Additional Type-specific parameters

  • Tag(s) to attach to requests that triggered this action

  • General parameters for administration

Individual parameters

Name

A name for this Action, to be used within the interface.

Description

Information about this Action, for use within the interface.

Type

This parameter will be one of the values below.

Setting
Effect

Skip

Block

Adds the tag(s) to the request, and sends a response to the user with the defined Response headers, Status code, and Content.

Challenge

Interactive Challenge

Monitor

Prioritization

The priority hierarchy is, from highest to lowest:

  • Skip

  • Block

  • Challenges (bot and/or interactive)

  • Monitor

Tags

A list of one or more tags, separated by spaces. When this Action is triggered, these tags will appear in the traffic logs.

Status code

The status code returned to the user. (Optional: only applies to those responses that return a code.)

Response Headers

A list of header(s) to add to the response that is sent to the user, specified as the header name and its value. Example: content-type and text/html.

Content

The response sent to the user, of the appropriate format and type. Example: if there is a Request Header of content-type and text/html, then this should begin with <html> and end with </html>.

Actions are available at various stages of the , e.g. , , , and .

As shown in the diagram below, different types of Actions can occur at various stages. An Action can terminate the processing of a request by blocking it, but other Actions (Skip, Challenge, and Monitor) are available as well, with different outcomes. See the description below of the .

The administration (addition/deletion/editing/versioning) of Actions follows the conventions described .

Adds the tag(s) to the request, then skips the remainder of the traffic evaluation process (similar to the Bypass option in ). Note that any Response phase will still be executed (as they are not part of the evaluation process).

Adds the tag(s) to the request, and issues a to verify that the user is human.

Adds the tag(s) to the request, and issues an to verify that the user is human.

Adds the tag(s) to the request, and continues to the next stage of without responding to the user. Admins can also define Request headers to add to the request as it is passed upstream.

Sometimes Link11 WAAP must choose one of several potential Actions. For example, when a request matches the conditions for multiple , each Filter will include an Action. The system must execute the highest-priority one.

traffic filtering process
Global Filters
Rate Limit Rules
ACL Profiles
Content Filter Profiles
Global Filters
Type parameter
bot challenge
interactive challenge
traffic processing
Edge Functions
here
ACL Profiles