From 10fd0f17e89d91d52ef30910bc81723b19c8455f Mon Sep 17 00:00:00 2001
From: John Poland <jdpoland@gmail.com>
Date: Sat, 11 Oct 2025 17:07:42 -0400
Subject: [PATCH] fortigate/vdom_Policy/waf.cfg Sat Oct 11 05:07:41 PM EDT 2025

---
 configs/fortigate/vdom_Policy/waf.cfg | 106 ++++++++++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 configs/fortigate/vdom_Policy/waf.cfg

diff --git a/configs/fortigate/vdom_Policy/waf.cfg b/configs/fortigate/vdom_Policy/waf.cfg
new file mode 100644
index 0000000..f434b0b
--- /dev/null
+++ b/configs/fortigate/vdom_Policy/waf.cfg
@@ -0,0 +1,106 @@
+config waf profile
+    edit "default"
+        config signature
+            config main-class 100000000
+                set action block
+                set severity high
+            end
+            config main-class 20000000
+            end
+            config main-class 30000000
+                set status enable
+                set action block
+                set severity high
+            end
+            config main-class 40000000
+            end
+            config main-class 50000000
+                set status enable
+                set action block
+                set severity high
+            end
+            config main-class 60000000
+            end
+            config main-class 70000000
+                set status enable
+                set action block
+                set severity high
+            end
+            config main-class 80000000
+                set status enable
+                set severity low
+            end
+            config main-class 110000000
+                set status enable
+                set severity high
+            end
+            config main-class 90000000
+                set status enable
+                set action block
+                set severity high
+            end
+            set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
+        end
+        config constraint
+            config header-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config content-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config param-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config line-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config url-param-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config version
+                set log enable
+            end
+            config method
+                set action block
+                set log enable
+            end
+            config hostname
+                set action block
+                set log enable
+            end
+            config malformed
+                set log enable
+            end
+            config max-cookie
+                set status enable
+                set log enable
+                set severity low
+            end
+            config max-header-line
+                set status enable
+                set log enable
+                set severity low
+            end
+            config max-url-param
+                set status enable
+                set log enable
+                set severity low
+            end
+            config max-range-segment
+                set status enable
+                set log enable
+                set severity high
+            end
+        end
+    next
+end