IP Access rules order/precedence

Is there any order/precedence in how IP Access rules (Security - WAF- Tools) are processed?

1st rule blocks traffic from x.x.0.0/16.
2nd rule allows traffic from x.x.x.0/24.

Disregarding the WAF/bots/etc. rules down the line.

What happens when x.x.x.1 tries to reach a site?

What if the 1st and 2nd rules are reversed?

What if the block rule is changed to challenge?

I checked this a few weeks ago for allow and block. Allow rules process first, then block rules. I would assume challenge happens in between.

The IP access rules themselves are first in the pipeline and can’t be overriden by WAF custom rules. You can use the Trace tool on the account page to simulate your rules.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.