I am currently using the WAF to block all countries not specifically on a whitelist from accessing my domain. However, it seems WAF is blocking access even from the supposed whitelisted countries.
Here is a screenshot of the Security Overview WAF Log showing an IP in the USA was blocked even tho “US” should not have been blocked based on the “ne” WAF rule:
WAF whitelisted countries rule:
(ip.geoip.country ne “US”) or (ip.geoip.country ne “FR”) or (ip.geoip.country ne “GB”) or (ip.geoip.country ne “JP”) or (ip.geoip.country ne “IL”) or (ip.geoip.country ne “CA”) or (ip.geoip.country ne “ES”) or (ip.geoip.country ne “IT”)
How can this be fixed so only countries NOT in the list get blocked?
(ip.geoip.country in {“US”,“FR”,“GB”,“JP”,“IL”,“CA”,“ES”,“IT”})
with an “Allow” option, and got this error trying to save the updated expression:
Filter parsing error (1:23): (ip.geoip.country in {“US”,“FR”,“GB”,“JP”,“IL”,“CA”,“ES”,“IT”}) ^^^^ invalid digit found in string while parsing with radix 16