1. Unprotect root resource.
Create root realm (effective resource filter = "/" ) as unprotected so users would not be challenged.
You can have '*' for the rule to unprotect all and have sub-realms.
2. Use Regular Expression with '.' for the rule.
Create a rule with a regular expression to trigger only when there is a value. (expression = ".")
Yes, a dot only.
"." matches a single character. It does not matter what character it is, except a newline.
It means "." would only match if there is a value.
With this combination, the rule would not trigger when accessing https://www.test.com/
but it would for any request that is under it such as https://www.test.com/123.