Bunny Shield in its basic form is aimed at giving a simple and smooth experience for any user to take on, without having the knowledge/requirements to painstakingly carve out a security protocol to adhere to domain requirements. However, we do have some basic on-the-rail configurations you can adjust on Shield.
On the WAF (Web Application Firewall) page you are greeted with some toggleable options to change WAF behaviour:
Most of the togglable options are self explanatory. Some specific information on some options to consider:
Rule Execution mode: When set to log, all requests will not be blocked but logged for your convenience (visible in event logs). This ensures you can thoroughly review WAF block patterns before switching it to 'Block'.
Request body limit action: This is directly linked to your plan. If a WAF rule is triggered, but the request scan exceeds a certain size (defined in the plans, detailed here), the request can be blocked, logged, or ignored (carry on as normal).
Response body limit action: Same as above, but for a response body scan.
Real-Time threat intelligence: For advanced tier or higher, this is a system that collects information about new attack patterns/bad actors as they happen across the network. This data is leveraged to automatically action that traffic that may look suspicious.
If you have any more specific queries to how WAF operates or need help to tailor it to your needs, feel free to reach out to our Super Bunnies (support@bunny.net).