I have enabled WAF for the main website (example.com)
But we have some problems in one of the sub-domains (api.example.com). Some of the requests are blocked and there is no log in the firewall events.
When the WAF is disabled every thing works fine.
Is there any work around to bypass WAF for one of the sub-domains?
I’ve defined a firewall rule to bypass all the features when (Hostname equals api.example.com).
But it does not work correctly. Still some of the requests are blocked by Cloudflare.