I'm getting unexpected JS challenges after setting up my origin rule

mpurnell · June 3, 2023, 10:35am

I’m not interested in doing international business, so inconveniencing visitors from outside the US is not a problem for me. 90% of my form spam comes from the Russian Federation, with the remaining 10% scattered mostly from other international traffic. The simple rule below stopped all of it:

(ip.geoip.country ne "US") or (ip.geoip.country ne "CA")

Action: JS challenge

The problem is that all my US traffic gets the challenge, and Google’s business pages removed my website from the listing until I forced it back in.

albert · June 3, 2023, 10:48am

Your firewall rule is challenging traffic when:
a) Country is not US; or
b) Country is not CA

Since you are using the “or” operator and a request can’t come from both US and CA, this rule will challenge all requests.

The rule should instead look like (not ip.geoip.country in {"US" "CA"}). This will challenge requests when the country is not US or CA.

mpurnell · June 3, 2023, 11:21am

Yes, that is quite helpful. Thank you.