If an IP makes a request that triggers the WAF, that request will be blocked by the WAF. However, if that IP makes subsequent requests that do not trigger the WAF, those new requests are not blocked. In order to block/challenge all future requests from that IP, the IP has to manually be added behind a Firewall rule.
It would be great to have the option within Cloudflare to automatically block/challenge IPs if they have previously triggered the Cloudflare WAF once or multiple times.
Does anyone know if there has been any update on this? I saw another post asking for something similar and someone suggested using the relatively new ‘List’ feature, but I’m not sure there’s a way to add an IP address to a list as an action when a WAF rule triggers on it?
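An added example, not part of the thread and not Cloudflare's own code: one way to approximate the requested behaviour outside the WAF is to scan exported firewall events for IPs with repeated WAF blocks and build the entries for an IP list that a firewall rule references. The event field names, the item shape (`ip`, `comment`), the thresholds and the allowlist are assumptions; the sample events are constructed.

```python
import ipaddress
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events; field names are assumed, not taken from the thread.
SAMPLE_EVENTS = """\
{"ClientIP": "203.0.113.7", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T10:00:00Z"}
{"ClientIP": "203.0.113.7", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T10:02:00Z"}
{"ClientIP": "203.0.113.7", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T10:05:00Z"}
{"ClientIP": "203.0.113.7", "Source": "firewallrules", "Action": "allow", "Datetime": "2024-01-01T10:06:00Z"}
{"ClientIP": "198.51.100.9", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T10:00:00Z"}
{"ClientIP": "198.51.100.9", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T10:30:00Z"}
{"ClientIP": "198.51.100.9", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T11:00:00Z"}
{"ClientIP": "192.0.2.10", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T10:00:00Z"}
{"ClientIP": "192.0.2.10", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T10:01:00Z"}
{"ClientIP": "192.0.2.10", "Source": "waf", "Action": "block", "Datetime": "2024-01-01T10:02:00Z"}
{"ClientIP": "not-an-ip", "Source": "waf", "Action": "block"}
"""

def repeat_offenders(lines, threshold=3, window=timedelta(minutes=10)):
    """Return IPs with at least `threshold` WAF blocks inside one time window."""
    hits = defaultdict(list)
    for line in lines:
        try:
            ev = json.loads(line)
            if ev["Source"] != "waf" or ev["Action"] != "block":
                continue  # only count requests the WAF itself blocked
            ip = str(ipaddress.ip_address(ev["ClientIP"]))
            ts = datetime.fromisoformat(ev["Datetime"].replace("Z", "+00:00"))
        except (ValueError, KeyError, TypeError):
            continue  # skip blank or malformed records instead of failing
        hits[ip].append(ts)
    offenders = []
    for ip, stamps in hits.items():
        stamps.sort()
        # Sliding window: any `threshold` consecutive hits close enough together.
        if any(stamps[i + threshold - 1] - stamps[i] <= window
               for i in range(len(stamps) - threshold + 1)):
            offenders.append(ip)
    return sorted(offenders)

def list_items(ips, allowlist=()):
    """Build list entries, skipping allowlisted ranges (e.g. your own monitors)."""
    nets = [ipaddress.ip_network(n) for n in allowlist]
    return [{"ip": ip, "comment": "auto: repeated WAF blocks"}
            for ip in ips
            if not any(ipaddress.ip_address(ip) in n for n in nets)]
```

Entries added this way should be expired or reviewed on a schedule, since addresses behind NAT or a shared proxy are reused by unrelated clients.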