Nova WAF's allows you to set the paranoia level of the ruleset in order to automatically adjust the strictness of the WAF.
Level 1 Recommended
For most users we recommend Level 1, the default. Higher levels increase false positives.
There are 4 levels you can use to set the aggressiveness of the WAF ruleset. Each is described below.
Level 1 (default)
Adequate security to protect almost all web applications from generic exploits. We recommend most users to use this level by default, to ensure reduce disruption from false positives.
A slightly higher level of security to block almost all web application exploits. This may result in some false positives, and require whitelisting.
A more paranoid approach to web security. You may experience a higher number of false positives.
Level 4 (most paranoid)
The most paranoid, preventive approach to security. This mode may block a large amount of legitimate requests to your site and requires training.