https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256419#M348 <P>If I am understanding the request correctly, you would need to include the IPS "<STRONG>Protection Name</STRONG>" that you are looking to bypass. The list of them can be found in the release notes. By combining multiple factors your exception can be very specific in nature and not bypass everything.&nbsp;<BR /><BR /><A href="https://portal.checkpoint.com/dashboard/appsec/cloudguardwaf#/waf-policy/release-notes/ips-signatures?noframe=true" target="_blank">https://portal.checkpoint.com/dashboard/appsec/cloudguardwaf#/waf-policy/release-notes/ips-signatures?noframe=true</A>&nbsp;</P> Tue, 02 Sep 2025 18:03:33 GMT Bryan-Smith 2025-09-02T18:03:33Z https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256084#M340 <P><SPAN>If a false positive is noticed on a certain path, how can I set up a rule to accept that characteristic of the request path? Is there a manually way to fine tune or accept certain IPS or WAF signatures for a specific endpoint? I have already tried some options here in the Rules/Exceptions without success.</SPAN></P><P><SPAN>Thank you in advance.</SPAN></P> Wed, 27 Aug 2025 18:52:43 GMT https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256084#M340 ClaudioSS 2025-08-27T18:52:43Z https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256410#M343 <P>Have you seen the example here:&nbsp;<BR /><BR /><A href="https://waf-doc.inext.checkpoint.com/setup-instructions/setup-custom-rules-and-exceptions#configure-an-existing-custom-rule-exception-as-global" target="_blank">Setup Custom Rules and Exceptions | CloudGuard WAF</A></P> <DIV id="tinyMceEditor_80450cc0cf1ec5BryanSmith_0" class="mceNonEditable lia-copypaste-placeholder">&nbsp;</DIV> <P>&nbsp;</P> Tue, 02 Sep 2025 17:17:29 GMT https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256410#M343 Bryan-Smith 2025-09-02T17:17:29Z https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256412#M344 <P>I had customer ask me the same question recently and TAC provided the same as&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/72499">@Bryan-Smith</a>&nbsp;</P> <P>Andy</P> Tue, 02 Sep 2025 17:35:50 GMT https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256412#M344 the_rock 2025-09-02T17:35:50Z https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256415#M345 <P>Thanks for the reply, Mr. Bryan-Smith.</P><P>Yes, I understand that section shows us how to create an exception for a query string parameter, but I supose this would completely bypass the URI path checking. So, I don't see how to specifically bypass something related to a false positive one other than disable all checking in there.</P><P>So, that's my million dollar question, how to bypass not all, but single signature?</P><P>By wildcard matching the signature content in the uri one by one? Maybe?</P><P>Bests regards</P> Tue, 02 Sep 2025 17:49:50 GMT https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256415#M345 ClaudioSS 2025-09-02T17:49:50Z https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256417#M346 <P>Thanks, man, for the info!</P><P>I appreciate it.</P><P>Best regards.</P> Tue, 02 Sep 2025 17:54:05 GMT https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256417#M346 ClaudioSS 2025-09-02T17:54:05Z https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256418#M347 <P>No problem!</P> Tue, 02 Sep 2025 17:55:33 GMT https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256418#M347 the_rock 2025-09-02T17:55:33Z https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256419#M348 <P>If I am understanding the request correctly, you would need to include the IPS "<STRONG>Protection Name</STRONG>" that you are looking to bypass. The list of them can be found in the release notes. By combining multiple factors your exception can be very specific in nature and not bypass everything.&nbsp;<BR /><BR /><A href="https://portal.checkpoint.com/dashboard/appsec/cloudguardwaf#/waf-policy/release-notes/ips-signatures?noframe=true" target="_blank">https://portal.checkpoint.com/dashboard/appsec/cloudguardwaf#/waf-policy/release-notes/ips-signatures?noframe=true</A>&nbsp;</P> Tue, 02 Sep 2025 18:03:33 GMT https://community.checkpoint.com/t5/WAF/How-to-create-an-exception-rule-for-a-specific-attack-in-a-given/m-p/256419#M348 Bryan-Smith 2025-09-02T18:03:33Z