apiVersion: security.policy.gloo.solo.io/v2 kind: WAFPolicy metadata: annotations: cluster.solo.io/cluster: "" name: basic-auth namespace: bookinfo spec: applyToRoutes: - route: labels: route: ratings config: customInterventionMessage: custom-intervention-message customRuleSets: - ruleStr: |2 SecRuleEngine On SecRule REQUEST_HEADERS:User-Agent "test([1-5])$" "deny,status:403,id:1,phase:1,msg:'blocked scammer'" disableCoreRuleSet: true priority: 0