WAF IP continent rule allowing only North/South America blocking US IP address

What is the name of the domain?

boilerwarehouse.com

What is the issue you’re encountering?

WAF IP continent rule incorrectly blocking IP address

What steps have you taken to resolve the issue?

I’ve added a rule to skip the continent block for this IP address, but I’m not entirely sure why the IP is being blocked. According to Radar (https://radar.cloudflare.com/ip/98.123.222.66), the IP address is associated with the US.

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

WAF rule of “(not ip.geoip.continent in {"NA" "SA"} and not http.request.uri contains "/.well-known/acme-challenge/")” and visit from this certain IP address located in Kentucky (US)

Screenshot of the error

92.123.222.66 is part of AS209040 Akamai Technologies which is based in Milan, Italy, and is a proxy

OP’s first octet is 98, not 92

Is the URL being blocked for this IP on the path /.well-known/acme-challenge/?

No, it’s any/all URLs from that IP

That path is for Let’s Encrypt, since the challenge can come from servers across the world

Your rule uses the AND operator. This means the rule will ONLY apply if both criteria are met. That is, ONLY requests from NA & SA to URLs with the path /.well-known/acme-challenge/ are allowed: any other URLs will be blocked.

If you want to:

  • allow ONLY NA & SA requests to any URL on the site
  • and also allow requests from anywhere to /.well-known/acme-challenge/

… then change the AND in your rule to OR.

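The two forms of the rule discussed in this thread, modeled in Python as an added example (not code from any poster or from Cloudflare). It assumes the rule's action is Block, so a request is blocked whenever the expression evaluates to true; the function names and sample requests are constructed for illustration.

```python
# Added example: a Python model of the thread's WAF expression, not Cloudflare's engine.
# Assumption: the rule action is Block (expression true => request blocked).

ALLOWED_CONTINENTS = {"NA", "SA"}
ACME_PATH = "/.well-known/acme-challenge/"


def rule_and(continent, uri):
    """Expression as posted:
    not ip.geoip.continent in {"NA" "SA"} and not http.request.uri contains ACME_PATH
    """
    return continent not in ALLOWED_CONTINENTS and ACME_PATH not in uri


def rule_or(continent, uri):
    """The same two conditions joined with `or` instead of `and`."""
    return continent not in ALLOWED_CONTINENTS or ACME_PATH not in uri


# Constructed sample requests: (label, continent the WAF resolved for the IP, URI path).
# The rule only sees the resolved continent value, never the "true" location.
SAMPLES = [
    ("NA, normal page", "NA", "/products/"),
    ("NA, ACME path", "NA", ACME_PATH + "token-placeholder"),
    ("EU, normal page", "EU", "/products/"),
    ("EU, ACME path", "EU", ACME_PATH + "token-placeholder"),
]


def decisions(rule):
    """Return {label: 'block' | 'allow'} for every sample under the given rule."""
    return {
        label: "block" if rule(continent, uri) else "allow"
        for label, continent, uri in SAMPLES
    }


if __name__ == "__main__":
    for name, rule in (("and", rule_and), ("or", rule_or)):
        print(f"--- conditions joined with {name} ---")
        for label, action in decisions(rule).items():
            print(f"{label:18} {action}")
```

In this model, the expression as posted blocks a non-ACME request only when the continent resolved for the source IP is outside NA and SA.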