# Add Data Loss Prevention (DLP) rules

{% hint style="warning" %}
This configuration uses HTTP response scanning. Adding traffic scanning to HTTP responses adds a performance impact.
{% endhint %}

CloudGuard WAF allow configuring custom rules based on regular expressions, detected in key locations in HTTP/S traffic. The custom rules can allow creating signatures to be excluded from detection, but also adding specific signatures that will always be dropped.

The ability to configure such signatures to be detected on HTTP/S Response body, provides means of configuring Data Loss Prevention (DLP) signatures that will be dropped.

#### Step 1: Prepare DLP signatures

If there is a specific data type that should not appear on responses (for example credit card numbers, emails, etc.) - create in advance a regular expression list for each data type.

#### Step 2: Browse to relevant Web assets and configure custom rules for each signature

A full explanation on setting up custom rules and custom rules can be found [**here**](/setup-instructions/setup-custom-rules-and-exceptions-old.md).

The custom rule should:

* Use the "**Drop**" action
* Use the "**Response Body**" condition key.

The value for each custom rule condition should be a regular expression from the list that was prepared in step 1. It is recommended that the comment will explain precisely that this is a DLP signature.

Example:

<figure><img src="/files/jLbXui5NMKZaIMhXAtJY" alt=""><figcaption></figcaption></figure>

#### Step 3: Enforce Policy


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://waf-doc.inext.checkpoint.com/how-to/add-data-loss-prevention-dlp-rules.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.