Odd Firewall Rule issues?

Hi all, while I am reading on how to do better fw/access rules, we have had these rules in place for quite sometime. Basically if Country NE to xx or yy or zz then challenge. We added some other countries in that were needed for fb/gmb to be able to query blog posts and stuff. It works like 99% of the time, but then today we cannot post to social media, okay fine, I goto the rules and basically the rule says Country = United States , Action = Challenge

I’m surprised that hasn’t bit you hard before this point. It’s going to challenge everybody.

It’s like a bouncer at a bar with “The List”. You’re saying: If it’s NOT Bob, then challenge, OR if it’s NOT Joe, then challenge. Well…Bob is NOT Joe, so he’s going to be challenged.

If you use AND…the bouncer goes down the list when Smitty shows up. He’s not Bob AND he’s not Joe, so he’s going to be challenged.

It’s better to use the “Not In” list option.


Ok, I had that originally and when this problem popped up, I went with OR so the rule is if country NE US or NE Canada then challenge

