I recently started using the Cloudflare Lists API to add DDOS IP addresses that hammer my webserver.
I have no issues with using the API, and the high hit IP’s are being correctly added to the list.
My issue is that when I use this list in combination with a “block” rule within the firewall, the IP doesn’t seem to get blocked, or at least the connection is not terminated and the IP continues to hammer the server.
The rule I’m using is shown below:
As far as I know, this should work fine in blocking any new IP that gets added to the list.
It only “works” after I manually add the IP address to the rule, as shown below:
Is there some sort of limitation with an IP being added to the list, and the firewall rules updating?
P.S - I saw that the IP address in question was added to the list an hour before I noticed it was still hitting my webserver, so I don’t think the issue is just that I didn’t wait long enough to see any results.
I hope this is clear to at least a few of you, any help or ideas would be really appreciated!