Prevent Data Transfer w WAF Rule

What is the name of the domain?

rtjobsite.com

What is the issue you’re encountering

Want to prevent data transfer from block on WAF

What steps have you taken to resolve the issue?

I have created several WAF rules, and they say no one has passed, yet I still see data transfers. How can I prevent data transfer from anyone who does not pass a rule? I have them currently as ‘Managed Challenge’ or higher with a captcha.

Why not with “block” action, which stops anyone completely trying to execute such request or visit the URL to download a file or see the content? :thinking:

I double-checked, and the rule is a block, but I’m still seeing data transfers.


Screenshot 2024-11-15 104955

Can you clarify what this means and what you see?

This is the last 30 minutes; the block has been on for a day or more.

And do you see any corresponding requests on the origin server? A WAF rule is executed by a web application firewall. That means at a minimim an HTTP(s) session has been initiated before a request can be evaluated against the rule(s). That requires some level of data transmission to occur.

If the users aren’t bypassing the WAF and connecting to the origin, then the WAF rules are working. Since you indicate no one has passed the rules that would also indicate that they are working.

1 Like

Ok, so it is working as intended. Got ya—no way to stop some pull as it is checking.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.