What is the name of the domain?
What is the issue you’re encountering
The rule won’t deploy and I’m receiving attacks from empty response headers every day.
What steps have you taken to resolve the issue?
Tried to amend the expression, started a support case over two weeks ago with CF but no answer.
What are the steps to reproduce the issue?
Enter this expression, intended to ban empty response headers:
(not http.request.headers[“x-requested-with”] has “” or not http.request.headers[“x-requested-with”] has “x-requested-with”)
and (http.request.full_uri contains “example.co.uk/*”)