IP Access Rules not working inside Zone-Level WAF

In the CF Dashboard under Security > WAF, there is 1 rule in place to block access outside of the US.

When I click on the rule > Tools tab, I added 3 entries (, and an IPV6 Address - 2001:0fd8:331f:1b29:b55a:f57a:16e5:7935) which are IP addresses located outside the US that I need to allow access to the domain but they are still blocked.

Not sure what I am doing wrong.

If you are testing from the IPv6 connection, you may want to specify it as a /64 as devices will often randomise and change the lower bits of the address for privacy.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.