Failed to set sitePolicy for asset... using the original signatures

Issue

When the WAF inspects a request with not block or detect you may encounter the error in the cp-nano-http-transaction-handler.dbg logs:

Failed to set sitePolicy for asset... using the original signatures

This occurs when the WAF receives traffic for a host or port that does not have a defined policy. Since there is no matching asset, the WAF cannot apply a site policy and falls back to the default signatures.

Cause

• The request is being sent to a host/port combination that has not been defined in your WAF assets.

• Without a matching asset, the WAF cannot determine which policy to use.

Resolution

You need to update your asset configuration so that the WAF can apply the correct policy. The steps depend on your management mode:

If you are using the Web UI:

1. Navigate to Assets.

2. Locate the relevant host and port.

   • If it does not exist, create a new asset for this host/port.

   • If it exists, ensure the correct site policy is assigned.

3. Save and apply changes.

If you are using a Policy File:

Adjust policy using the policy file for Linux & Docker or CRDs for Kubernetes:

Verification

1. Send a request to the host/port again.

2. Check the WAF logs — the error should no longer appear.

3. Confirm that the intended site policy is now being applied