diff --git a/configs/fortigate/vdom_root/waf.cfg b/configs/fortigate/vdom_root/waf.cfg
new file mode 100644
index 0000000..39fde8d
--- /dev/null
+++ b/configs/fortigate/vdom_root/waf.cfg
@@ -0,0 +1,116 @@
+config waf profile
+    edit "default"
+        config signature
+            config main-class 100000000
+                set action block
+                set log disable
+                set severity high
+            end
+            config main-class 20000000
+                set log disable
+            end
+            config main-class 30000000
+                set status enable
+                set action block
+                set log disable
+                set severity high
+            end
+            config main-class 40000000
+                set log disable
+            end
+            config main-class 50000000
+                set status enable
+                set action block
+                set log disable
+                set severity high
+            end
+            config main-class 60000000
+                set log disable
+            end
+            config main-class 70000000
+                set status enable
+                set action block
+                set log disable
+                set severity high
+            end
+            config main-class 80000000
+                set status enable
+                set log disable
+                set severity low
+            end
+            config main-class 110000000
+                set status enable
+                set log disable
+                set severity high
+            end
+            config main-class 90000000
+                set status enable
+                set action block
+                set log disable
+                set severity high
+            end
+            set disabled-signature 80080005 80200001 60030001 60120001 80080003 90410001 90410002
+        end
+        config constraint
+            config header-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config content-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config param-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config line-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config url-param-length
+                set status enable
+                set log enable
+                set severity low
+            end
+            config version
+                set log enable
+            end
+            config method
+                set action block
+                set log enable
+            end
+            config hostname
+                set action block
+                set log enable
+            end
+            config malformed
+                set log enable
+            end
+            config max-cookie
+                set status enable
+                set log enable
+                set severity low
+            end
+            config max-header-line
+                set status enable
+                set log enable
+                set severity low
+            end
+            config max-url-param
+                set status enable
+                set log enable
+                set severity low
+            end
+            config max-range-segment
+                set status enable
+                set log enable
+                set severity high
+            end
+        end
+    next
+end