WAF Custom Rule Issue: Help!

What is the name of the domain?

none

What is the error number?

none

What is the error message?

none

What is the issue you’re encountering

Rule setup, but not working correctly.

What are the steps to reproduce the issue?

I setup a WAF custom rule with goal of blocking all country traffic, except United States, United Kingdom, Italy, and Canada, then deployed it. Within minutes the client contacted me to tell me he was blocked from the website, as was one of his customers.

I went to the website myself and got the same message that CF had blocked me.

I went back to review the rule settings (see screenshot) and it all looked fine, but the events (which had already racked up 300+ within 10 minutes) were clearly blocking visitors from USA. I temporarily disabled that rule to seek help of the community :).

Can anybody guide me on what I did wrong with this WAF custom rule to cause this?

Screenshot of the error

That rule will trigger 100% of the time, if you map out the logic. You need to use AND for those.

Better yet, use “Is Not In,” then you can put them all in one line. That literally translates into exactly what you said: “except United States, United Kingdom, Italy, and Canada”

Please give that a try.

2 Likes

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.