Hi everyone, I’m new to Cloudflare and I’m experiencing spam issues on my site from different countries around the world. I activated cloudflare to be able to activate the WAF firewall to block these countries via geolocation. First I associated my domain and activated DNS on cloudlfare. Once this was done I activated the firewall with the rule you see in the attachment. But after these steps I continue to receive entries from these countries, the activity count in the last 24 hours of the rule has still been at zero for days. Can you tell me if I did something wrong or if there is some other additional configuration to do to make the block actually active? Thank you very much in advance for your support Giorgio
If not, double-check and make sure DNS records are set to proxied to make sure WAF Custom Rules would apply, among other Cloudflare features for your domain.
From the shared screenshot above, I am afraid you’re using a wrong operator AND between each of your criteria.
You should consider using OR operator to make it work as expected and block all the requests coming to your domain from those countries.
Otherwise, you can use “is in” operator as follows:
(ip.geoip.country eq "DZ") or (ip.geoip.country eq "BD") or (ip.geoip.country eq "EG") or (ip.geoip.country eq "JP") or (ip.geoip.country eq "MA") or (ip.geoip.country eq "NP") or (ip.geoip.country eq "OM") or (ip.geoip.country eq "PK") or (ip.geoip.country eq "LK") or (ip.geoip.country eq "TN") or (ip.geoip.country eq "ZW")