You can read this thread. But it makes no sense. Nextcloud does not only use WebDAV features for data transfer. It uses also normal HTTPS-requests. If you want to deny WebDAV or your WAF wants to deny it, it is incomplete and stupid. What is the function of your WAF? Security? Hopefully not. Probably more the management and any unnecessary requests.