Firewall Rule Based on Country is Hitting All Traffic

I am attempting to create a firewall rule that require all requests coming from outside the US and Canada to be challenged by captcha. When I test the rule, it’s hitting 100% of the total requests, even though all of our traffic is not from outside those two countries. What am I doing wrong?


And (pardon the pun) you’ll need and. Better yet, use not in.

Lol good catch. I’ve edited the post. So it is my understanding that if the AND operator is used, the originating traffic will have to be from both Canada and the US, which is not possible. Am I incorrect? I changed it to the NOT IN operator, and unfortunately cannot test. Is there a way to test a captcha rule before deploying it?

Do you want North America or its two predominantly English-speaking nations?

In either case, the posted suggestion should do the trick.

You were using does not equal comparison. If you want to ensure visitors not from Canada and United States get challenged, you have to use and operator. That means both conditions are not true, then only execute (send the challenge to the visitor).

1 Like

That would be the case if you checked for the countries, you have a negation here however and currently you’ll actually challenge every request, unless a request came from both countries at the same time.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.