DDoS Attack could bypass WAF Rule?

Hi All,
We got notification today about detected DDoS attack on our domain. After checking detail event, it’s came from other country.

My question is, how could those attack happen while we have custom WAF rule that only allow traffic from our country, block any traffic from outside.

Blockquote
(not ip.geoip.country in {“ID”})
Blockquote

Any suggestion ?

Requests passing through Cloudflare’s network go through a sequence. DDoS blocking happens at the very beginning of the sequence (before WAF). DDoS attacks are blocked before WAF rules are even looked at.

@digitalpoint , I got it .
Thanks for your answer.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.