Any issues with this rule?

I came across the WAF rule online and implemented it just yesterday… Less than 24 hours later, it has over 1300 firewall events! These are events that were stopped at Cloudflare, without getting to my web server. I did discover this rule was blocking a script from running on my server, but I fixed it with another exclusion/skip rule. But other than that, do you see anything wrong with this rule, or something that should be added or changed about it?


Hi there,

Your rule will challenge all HTTP requests that meet the specified criteria. This means that any request with an HTTP version of 1.0, 1.1, or 1.2, and not associated with specific user agents like Googlebot, Bingbot, DuckDuckBot, facebot, Slurp, or Alexa, will be subjected to the action set on this rule.

1 Like

Yes, well I know what the rule does. And I’ve made a few more exceptions for integrations with my site. But my question is more about if this is a good practice; or could I be inadvertently blocking something I shouldn’t?

Actually I do have an issue and I’m not sure how to exclude it. I noticed that the little thumbnail images of products from orders in my store aren’t appearing in the emails.

When I look at the events, I see this:

I started to just make a rule excluding the ASN, but that would only be for my email. Other people who open order confirmation orders are obviously not all using gmail… So what would be the correct way to allow these thumbnail images to show up in peoples’ emails?

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.