WAF custom rule not working

Answer these questions to help the Community help you with Security questions.

What is the domain name? bristolreslet.com

Have you searched for an answer? yes

Please share your search results url:

When you tested your domain using the [Cloudflare Diagnostic Center](https://www.cloudflare.com/diagnostic-center/), what were the results? no result

Describe the issue you are having:

We have a custom WAF rule that doesnt block

(http.request.uri.query eq "mdrv=www.bristolreslet.com")

What error message or number are you receiving?

no Cloudflare block page - just webserver.

What steps have you taken to resolve the issue?

  1. changed equals to contains
    2.raising this topic
  2. does it need a business plan for WAF?

Was the site working with SSL prior to adding it to Cloudflare? Yes

What are the steps to reproduce the error:

  1. search against - https://www.bristolreslet.com/?mdrv=www.bristolreslet.com

Have you tried from another browser and/or incognito mode? yes

Please attach a screenshot of the error: getting error page from webserver not Cloudflare.

It blocked me! with 4 different IP addresses (mine and 3 from VPN)

Make sure you don’t have any other rule with Bypass, Allow or Skip action for your IP address or perhaps user agent.

Do you get the lightspeed 403 page? That’s the web server not Cloudflare.

Thanks for looking.

No. I see a Cloudflare Error page.

Error page

Please check on your Cloudflare Dashboard > Security > Events and filter for “Query string contains mdrv=”, and you’ll be able to certify which security feature is performing the block, and if it is your custom rule or something else.

Hi - thanks for your support - I can see it working now. There seemed to be a delay in setting it up and it performing.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.