The handling function is the ability to handle unauthorized HTTP communications detected through the inspection function and the like, according to a defined process. The three methods which can be defined are pass-through processing, error handling, and blocking.
Pass-through processing is a way to either handle an unauthorized HTTP communication as is, or send it to a website. This method is generally used in cases such as inspecting HTTP communications at the time of WAF implementation, or recording an unauthorized HTTP communication that is detected.
Error Handling refers to the process through which a WAF generates an error response and sends the error response to the user or web site, rather than sending the unauthorized HTTP communication detected.
Blocking refers to the method of intentionally discarding unauthorized HTTP communications that have been detected. When the WAF discards the HTTP communication, one of the following methods are utilized: Send an HTTP communication disconnection response to the user or website, or send nothing in response to the HTTP communication.