How to do Log/Simulate into Block

How can i block those attacks ?

i want its take this Action BLOCK

explain me

1 Like

Scroll down…

It already blocked still log/simulate

It might take up to 30 minutes for the new logs to ingest.

its 4 months now but not that new attacks not blocked this, just log/simulate

I’m on mobile and can’t dig around, but it’s possible that the specific rule number isn’t set to block.

1 Like

so can you tell me how to set to block.

The specific rule is only On/Off.

1 Like

Sorry, I don’t have an idea about this too. You might need to contact Cloudflare Support.

To contact Cloudflare Customer Support, login & go to https://dash.cloudflare.com/?account=support and select get more help. If you receive an automatic response that does not help you, please reply and indicate you need more help.

Why they are not blocked in Additional logs ??

Please do not create multiple threads.

Please post a screenshot of this section of Firewall → Managed Rules

I want to block them not challenge sir


here its

The “OWASP ModSecurity Core Rule Set” is based on scoring system - the higher the score, more likely it’s an attack. This is why you are given the option to choose the sensitivity of the rule set (Low, Medium and High).

The “Additional logs” are contributing to the scoring system - if the traffic matches any of the OWASP rules, they will log it, but the final score will be calculated based on the logged items - which determines whether to block the traffic or not.

2 Likes

So that means they are blocked or what? but why they not show blocked in Additional logs but it shows BLOCKED in Action Taken.

Please read this again. The “Additional logs” are what determine the final action. This is the reason why the “Additional logs” are included in the firewall event. If the final action is Block, then the traffic is blocked.

If you still don’t understand, I guess I have to ask someone from Cloudflare @mdemoura to explain it in very detail.

1 Like

I’m still don’t understand, so can someone get explain me thank you.

Hi @sahill, can you provide a new screenshot of a recent Firewall event? We’ve recently made some improvements to how the OWASP CRS ruleset is logged so it’s best to explain with a newer example to the one you initially posted.


See the…

@mdemoura hello sir can you explain to me now why they do not block Additional Logs why it’s doing Log/Simulate.