| Action exceptions | Description |
|---|---|
| '*' | Excludes all actions. |
| alert | Logs an alert when the threshold is reached. |
| deny | Blocks the request and sends a response. |
| all_custom | All of your custom actions. |
| abort | Terminates the connection without sending an HTTP response to the client or forwarding the request to origin. |
| allow | Logs the request and bypasses protections. |
| delay | Waits 1-3 seconds before responding. |
| ignore | Doesn't log the request and halts further evaluation. |
| tarpit | Keeps the connection open, but doesn't respond. |
| Attack type exceptions | Description |
|---|---|
| ipgeo | Attacks from specific IPs, subnets, geographic areas, and more. |
| rate | High-rate clients that send requests at an excessive rate. These attacks are configured in your rate policy. |
| urlProtection | Application-layer DDoS attacks defended against by URL Protection. |
| slowpost | Slow POST attacks, featuring extremely slow request rates. |
| customrules | The custom rules you created to handle scenarios not covered by standard rules. |
| waf | Known attacks mitigated by web application firewall (WAF) protections. |
| apirequestconstraints | Attacks on your API, featuring excessively large requests. |
| clientrep | Attacks from known malicious clients. |
| malwareprotection | Attacks from malware in uploaded files at the edge. |
| botmanagement | Bot activity, with protections specified in Bot Manager . |
| aprProtection | User account takeover attacks, with protections specified in Account Protector. |
| aifirewallprotection | Threats against your AI applications. |
| bde | Behavioral DDoS attacks. |