We have big problem with firewall rules.
All request mach work, but not GeoIP.
Rule to allow access URI wp-admin or wp-login.php when country is in Brazil, after other rule with denied access to wp-login and wp-admin for all countries does not equal Brazil
In overview, I can see allow for any countries.
If create first rules for denied access to country “is not in” or “does not equal” Brazil (try 2 machs), the access is denied for all countries, but to Brazil too.
The first rule will basically allow all requests for *wp-login.php*. Furthermore it will allow all requests for *wp-admin* which orignate from Brazil. Is this what you wanted?
My first rule already is
(http.request.uri.path eq “/wp-login.php” or http.request.uri.path contains “wp-admin”) and ip.geoip.country ne “BR” (Allow)
2nd rule
(http.request.uri contains “wp-login.php”) or (http.request.uri contains “wp-admin”) (Block)