Support Matrix for Custom Signature Rules

Traceable provides Custom Signature Rules across all supported WAF integrations, with varying support for specific attributes and operators. The support matrix serves as a reference for creating these rules, ensuring they are effective and efficient. The matrix highlights supported attributes, operators, and descriptions of each attribute supported. It helps you understand compatibility and implement rules effectively across environments. To create a Custom Signature rule, navigate to Protection → Settings → Custom policy and click the Custom Signature tab.

The screenshot below highlights the attributes and supported operators for creating Custom Signature Rules. For more information, see Custom Signature.

Support Matrix

The matrix explains how different WAF providers handle request attributes and operators supported by each WAF integration, helping you configure rules that are reliable, effective, and consistent.

Note
Azure and F5 WAF integrations do not support Custom Signature Rules. However, they support threat actors and IP-based rules.
The supported operators in the matrix below have the following implications:
== implies matches exactly, and != implies does not match exactly.
Contains implies contains string, and ! contains implies does not contain string.
Match implies a match pattern, and ! match implies does not match a pattern.

Attributes	AWS	Akamai	Cloudflare	Fortinet	Google Cloud Armor (GCA)	Imperva	Supported Operators	Notes
Request URL	✔	✖	✔	✔	✔	✔	`==`, `!=`, `contains`, `!contains`, `match`, `!match`	One expression is required for Google Cloud Armor integration.
Request Header Name	✔	✔	✔	✔	✔	✔	`==`, `!=`, `contains`, `match`, `!match`	One expression is required for Google Cloud Armor integration. For Fortinet, the Request Header key supports the `contains` operator, but Traceable requires configuring it with the `==` operator since it does not support partial matches.
Request Header Value	✖	✔	✔	✖	✔	✔	`==`, `contains`, `match`	AWS and Fortinet do not support Request Header Value. Akamai only supports `==` and `match` operators.
Request Parameter Name	✔	✔	✔	✔	✔	✔	`==`, `!=`, `contains`, `match`, `!match`	Fortinet does not support `!match` operation.
Request Parameter Value	✔	✖	✔	✔	✔	✔	`==`, `contains`, `match`	Fortinet does not support `!match` operation.
Request HTTP Method	✔	✔	✔	✔	✔	✔	`==`, `!=`, `contains`, `!contains`, `match`, `!match`	The Request HTTP supports Standard methods: GET, POST, HEAD, PUT, DELETE, OPTIONS, TRACE, and CONNECT. One expression is required for Google Cloud Armor integration.
Request Host	✔	✔	✔	✔	✔	✔	`==`, `!=`, `contains`, `!contains`, `match`, `!match`	Two expressions are required for Google Cloud Armor integration.
Request User-Agent	✔	✔	✔	✔	✔	✔	`==`, `!=`, `contains`, `!contain`, `match`, `!match`	Two expressions are required for Google Cloud Armor integration.
Request Body	✔	✖	~	✖	✔	~	`==`, `!=`, `contains`, `!contains`, `match`, `!match`	Cloudflare WAF is only supported for Advanced/Enterprise modes.
Request Cookie Name	✖	✔	✔	✖	✔	✔	`==`, `!=`, `contains`, `!contains`, `match`, `!match`	Two expressions are required for Google Cloud Armor integration.
Request Cookie Value	✖	✔	✔	✖	✔	✔	`==`, `contains`, `match`	Two expressions are required for Google Cloud Armor integration.
Header (Key+Value)	✔	✔	✔	✔	✔	✔	Key : `==`, `!=`, `match`, `!match` Value: `==`, `!=`, `contains`, `!contains`, `match`, `!match`	Request Header Key only supports `==` operation. Request Header Value only supports `==` and `!=` operators.
Cookie (Key+Value)	✖	✔	✔	✖	✔	✔	Key : `==`, `!=`, `match`, `!match` Value: `==`, `!=`, `contains`, `!contains`, `match`, `!match`	Request Cookie Key only supports `==` operation. Request Header Value only supports `==` and `!=` operators.
Parameter (Key+Value)	✔	✔	✔	✔	✔	✔	Key : `==`, `!=`, `match`, `!match` Value: `==`, `!=`, `contains`, `!contains`, `match`, `!match`	Request Parameter Key only supports `==` operation. Request Header Value only supports `==` and `!=` operators. In Fortinet, the Request Parameter supports all operators except `!match` and when multiple conditions are applied, Fortinet evaluates them using OR expressions rather than AND.
Regex Pattern Matching	✔	✖	✔	✔	✔	✔	`match`, `!match`	Cloudflare integration supports regex pattern in Business/Enterprise only. Akamai does not support Regex pattern matching.