custom rule (ip.geoip.country ne “PE”) not working. When tested from a PC outside the country, cloudflare keeps showing the “verify you are human” page and website never loads. Website only loads within country IPs.
What steps have you taken to resolve the issue?
Deactivate and activate rule. When deactivated all websites under domain works fine.
Was the site working with SSL prior to adding it to Cloudflare?
Yes
What is the current SSL/TLS setting?
Full
What are the steps to reproduce the issue?
Activate rule with the following configuration: (ip.geoip.country ne “PE”)
and select: Managed Challenge
May I ask if you’re trying to allow requests from the particular country, or rather Challenge all of them?
Is it the only Custom Rule on your WAF Rules list or you’ve got some more others which might be in a conflict with it or execute before it?
You’ve got only this in the particular rule (nothing else), simple as-is, correct? Asking if you could possibly share a screenshot of the WAF Rule if it got anything else in, since sometimes Custom Rules become complex to execute exactly whatn we need and we also combine multiple things into the single one for efficiency and being more effective.
May I ask if you’ve also tested it via Trace Tool to cross-check what happens as well?
May I ask if there’s any chance you’ve added your IP address as a temporary troubleshooting to the WAF → Tools → IP Access Rules with the action “Manage Challenge”? Somtimes it happens we left it sitting there and forget about it, then we cannot figure out why Custom WAF Rule isn’t working as expected.
Answering your questions:
1.- May I ask if you’re trying to allow requests from the particular country, or rather Challenge all of them?
Answer: I’m trying to challenge any connection that is not coming from the particular country (not equal to Peru,
(ip.geoip.country ne “PE”)
2.- Is it the only Custom Rule on your WAF Rules list or you’ve got some more others which might be in a conflict with it or execute before it?
Answer: Is the only rule I configured. Now is disabled because is not working correctly.
