Skip to main content

What you’ll need

Before you dive in, make sure you have the following prerequisites in place:
  • A bunny.net account ( Log in or sign up for a free trial).
  • An existing Shield Zone.
  • Advanced Plan or above on the existing Shield Zone.
  • Your AccessKey or JWT for API authentication.
These prerequisites ensure you have the necessary access and permissions to create and manage custom WAF rules effectively.

Creating a custom WAF rule

To get started, first ensure you understand the fundamentals of how we build a custom WAF rule on Bunny Shield. You can check out our Understanding Rule Engine documentation for more information. This rule processes each HTTP request by extracting only the REQUEST_URI (Variable), converting it to lowercase, and removing whitespaces (Transformations). It then verifies if the transformed REQUEST_URI matches exactly (Operator) with ‘/blockedpath’ (Operator Value). If a match is found, our WAF Engine will block (Response Action) the request, halting further rule processing and intercepting the request. With the basics covered, you can now create highly effective WAF rules tailored to protect your site with customized mitigation strategies.

Examples of custom WAF rules

To illustrate how you can implement custom WAF rules, here are some practical examples:

Block request by ASN

If you want to block requests that originate from a specific ASN, you can create a rule as follows:

Block Request by Country Code

If you want to block requests that originate from a specific country code, you can create a rule as follows: If you want to log requests that contain a specific cookie with a particular value, you can create a rule as follows:

Challenge request if a specific path is accessed

To challenge a user when they access a specific path, you can define a rule like this:

Block request if User-Agent is a known crawler

To block requests that have a User-Agent matching a known crawler, the rule would be: By customizing these rules, you can effectively mitigate specific threats and enforce security policies tailored to your application’s needs.